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Abstract. Inspired by a recent graphical formalism for A-calculus based on linear logic 
technology, we introduce an untyped structural A-calculus, called Aj, which combines 
actions at a distance with exponential rules decomposing the substitution by means of 
weakening, contraction and derelicition. First, we prove some fundamental properties 
of Aj such as confluence and preservation of /3-strong normalisation. Second, we add a 
strong bisimulation to Aj by means of an equational theory which captures in particular 
Regnier's a-equivalence. We then complete this bisimulation with two more equations for 
(de) composition of substitutions and we prove that the resulting calculus still preserves 
/3-strong normalization. Finally, we discuss some consequences of our results. 



Introduction 

Linear Logic [13] has been very influential in computer science, especially because it pro- 
vides a tool to explicitly control the use of resources by limiting the use of the structural 
rules of weakening and contraction. Erasure (weakening) and duplication (contraction) are 
restricted to formulas marked with an exponential modality, and can only interact with 
non-linear proofs marked with a bang modality. Intuitionistic and Classical Logic can thus 
be encoded by a fragment containing such modalities as, for example, the Multiplicative 
Exponential Linear Logic (MELL). 

MELL proofs can be represented by sequent trees, but MELL Proof-Nets [13] provide a 
better geometrical representation of proofs, eliminating irrelevant syntactical details. They 
have been used extensively to develop different encodings of intuitionistic logic/lambda- 
calculus, giving rise to the geometry of interaction |14j . 

Normalisation of proofs {i.e. cut elimination) in MELL Proof-Nets is performed in 
particular by exponential and commutative rules. Non-linear proofs are distinguished by 
surrounding boxes; the exponential rules handle all the possible operations on them: erasure, 
duplication and linear replacement, corresponding respectively to a cut elimination step 
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involving a box and either a weakening, a contraction or a dereliction. The commutative 
rule instead composes non-linear resources. 

Different cut elimination systems |1 H 1241 [20] . defined as explicit substitution (ES) cal- 
culi, were explained in terms of, or were inspired from, the fine notion of reduction of MELL 
Proof-Nets. They all use the idea that the content of a substitution/cut is a non- linear re- 
source, i.e. a box that can be composed with another one by means of some commutative 
rules. They also share common operational semantics defined in terms of a propagation 
system in which a substitution traverses a term until the variables are reached. 

The structural A-calculus. A graphical representation for A-terms, A j -dags, has 
been recently proposed [2]. It denies boxes by representing them with additional edges 
called jumps, and does not need any commutative reduction rule to compose non-linear 
proofs. This paper studies the term formalism, called A j -calculus, resulting from reading 
back A j -dags (and their correspondent reductions) by means of their sequentialisation the- 
orem [2]. The deep connection between A j -dags and Danos and Regnier's Pure (untyped) 
Proof-Nets [7] has been already studied in [1]. 

Beyond this graphical and logical interpretation, the peculiarity of A j -calculus is that it 
uses two features which were never combined before: action at a distance and multiplicities. 

Action at a distance means that rewriting rules are specified by means of some construc- 
tors which are arbitrarily far away from each other. This approach could be understood as 
inconvenient but this is only apparent because rewriting rules can be locally implemented 
by means of A j -dags. The distance rules of Aj do not propagate substitutions through 
the term except for the linear ones which are evaluated exactly as meta-level substitutions, 
regardless the distance between the involved constructors (variable and jump). 

Multiplicities are intended to count the number of occurrences of a given variable af- 
fected by a jump, i.e. the rewriting rule to be applied for reducing a term of the form i[x/ti] 
depends on \t\x, the number of free occurrences of the variable x in the term t. Indeed, we 
distinguish three cases, Itl^ = 0, Itl^, = 1 and \t\x > 1, which correspond, respectively, to 
weakening-box, dereliction-box and contraction-box cut-elimination rules in Proof Nets. It 
is because of the weakening and contraction rules that we call our language the structural 
A-calculus. 

Content of the paper. We start by showing that Aj admits a simple and elegant 
theory i.e. it enjoys confluence, full composition (FC), and preservation of /3-strong normal- 
isation (PSN). The proof of PSN is particularly concise because of the distance approach. 

The main result of the paper is that the theory of Aj admits a modular extension 
with respect to propagations of jumps: an equational theory is added on top of Aj and 
the obtained extension is shown to preserve all the good properties we mentioned before. 
Actually, we focus on PSN, since FC and confluence for the extended A j -calculus result as 
straightforward. 

In the literature there is a huge number of calculi with expicit substitutions, let con- 
structs or environments, most of them use some rule to specify conmiutation (also called 
propagation or permutation). In order to encompass these formalisms we do not approach 
propagations as rewriting rules, but as equations (which can be used from left to right or 
vice-versa) defining an equivalence relation on terms. 

This is only possible because propagations are not needed in Aj to compute normal 
forms, a fact which is a by-product of the distance notion. Moreover, any particular ori- 
entation of the equations (from left to right or from right to left) results in a terminating 
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rewriting relation, which imphes that the system containing any orientation of the equations 
still enjoys PSN. 

Equations are introduced in two steps. We first consider commutations between in- 
dependent jumps and between jumps and abstractions or left sides of applications. This 
equivalence, written =o, turns out to be a strong bisimulation, i.e. a reduction relation 
which is length preserving; thus PSN for the reduction system A j modulo =o — noted A j /o 

— immediately follows. We also show that =o can be seen as a projection of Regnier's 
cr-equivalence [37] on a syntax with jumps. Actually, =o can be understood as the quo- 
tient induced by the translation [1] of A j -terms to Pure Proof-Nets, which is why it is so 
well-behaved, and why we call it the graphical equivalence. 

The second step is to extend =o with general commutations between jumps and right 
sides of applications and contents of jumps. The resulting substitution equivalence =obox 
does not only subsume composition of jumps, but also decomposition. The equations of 
=obox correspond exactly to the commutative box-box case of Proof-Nets, but they are here 
considered as an equivalence — which is a novelty — and not as a rewriting rule. The 
reduction relation of Aj/obox is a rich rewriting system with subtle behaviour, particularly 
because =obox affects reduction lengths, and thus is not a strong bisimulation. Nonetheless, 
we show that A j /obox enjoys PSN. 

This result is non-trivial, and constitutes the main contribution of the paper. The 
technique used to obtain PSN for Aj/obox consists in 

(1) Projecting Aj/obox reductions into a calculus that we call Avoid/o, 

(2) Proving PSN for Avoid/o, 

(3) Infering PSN for Aj/obox from (1) and (2). 

Actually, Avoid/o can be understood as a memory calculus specified by means of void jumps 

— i.e. jumps ^[x/ii] where x ^ fv(i) — which generalises Klop's A/-calculus [27]. Despite 
the fact that it appears only as a technical tool we claim that it is a calculus interesting on 
its own and can be used for proving termination results beyond those of this paper. 

The last part of the paper presents some interesting consequences of our main result 
concerning different variations on Aj/obox. 

Road Map. 

• Section [Tj recalls some general notions about abstract rewriting. 

• Section [2] presents the Aj-calculus and shows that it enjoys basic properties such as full 
composition, simulation of one-step /3-reduction, and confluence. 

• Section [3] studies preservation of /3-strong normalisation (PSN). The PSN property is 
proved using a modular technique developed in [2T|, which results in a very short formal 
argument in our case. 

• Section m first considers Aj enriched with the equivalence =o, which is related to Regnier's 
cr-equivalence [37], and then with the equivalence =obox7 which also contains composition 
of jumps. 

• Section [5] is devoted to the proof of PSN for Aj modulo =obox7 which is the main contri- 
bution of the paper. 

• Section [6] discusses some consequences of the PSN result of Section [5l 

This paper covers some basic results in [3] by extending them considerably. Indeed, 
the propagation systems considered in [3] are just particular cases of the general equational 
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theory =obox studied in this paper. The proof technique used here to show PSN for A j mod- 
ulo =obox puts in evidence another calculus Avoid/o that has interest in itself. Moreover, 
interesting consequences of the main result are included in Section [6l 

Related Work. Action at a distance has already been used in |33^ \TU[ 135] . but none 
of the previous approaches takes advantage of distance plus control of resources by means 
of multiplicities. Other works use multiplicities [25] but not distance so that the resulting 
formalism contains a lot of rules, which is really less manageable. We think that our 
combined approach is more primitive than ES, and the resulting theory is much simpler. 
Using distance and multiplicities also provides modularity: the substitution rules become 
independent from the set of constructors of the calculus, and thus any change in the language 
does not cause any changes in the associated rewriting rules. Our combined approach does 
not only capture the well-known notions of developments |17| and superdevelopments [28], 
but also allows us to introduce XL-developments, a more powerful notion of development 
defined in [3]. 

In the literature there are many calculi which dealt with permutations of constructors in 
intuitionistic calculi, but all use reduction rules rather than equations, which is less powerful. 
Some that can be captured by our graphical equivalence appear in [191 E3 ES] and those 
captured by our substitution equivalence are [12^ [T6l B3] . Intuitionistic calculi inspired from 
Linear Logic Proof Nets appear for example in [23 ^ 121 1 125]. 

1. Preliminary notions 

As several reduction notions are used along the paper, we first introduce general definitions 
of rewriting. 

A reduction system is a pair (R, -^tz) consisting of a set R and a binary relation -^-ji 
on R called a reduction relation. When (a, h) €— 7>-r, we write a -^-n b and we say that a 
7^-reduces to b. The inverse of -^-ji is written -r-^, i.e. b 7j-<— a iff a -^tz b. The reflexive 
and transitive (resp. transitive) closure of -^-ji is written -^^ (resp. -^ji). Composition of 

relations is denoted by juxtaposition. Given A; > 0, we write a -^-ji 6 iff a is 7^-related to b 

in k steps, i.e. a -^-ji b if a = b and a -^-ji 6 if 3 c s.t. a -^-n c and c -^-ji b. 

Given a reduction system (i?, ^-7^), we use the following reduction notions: 

• 7^ is locally confluent if -jii >'7i'!=^tz tj^j ^-S- if 0, -^tz b and a -^-ji c, then 3d s.t. 

b — T-^ d and c — ^^ d. 

• TZ is confluent if ^i >-^C^-^ tz'^^ '^■^- ^^ ^ ~^TZ ^ ^^'-^ ^ ~^'ti "-' t^^n 3d s.t. b ^-^ d 

and c ^^ d. 

• s € i? is in 7^- normal form, written s € 7^-nf, if there is no s' such that s -^tz s' . 

• s (z R has an 7^-normal form iff there exists u G TZ-nf such that s — 7>^ u. When s has 
a unique 7^-normal form, this one is denoted by Tl{s). 

• s (z R is 7^- weakly normalizing, written s € WMtz, iff s has an 7^- normal form. 

• s (z R is 7^-strongly normalizing or 7?.-terminating, written s € SMtz, if there is no 
infinite 7^-reduction sequence starting at s. 

• s € i? is 7^-finitely branching if the set {s' \ s -^-jz s'} is finite. 

• If s € 7^ is 7?--strongly normalizing and 7?,- finitely branching then ijizis) denotes the 
maximal length of an 7?.-reduction sequence starting at s. This notion is extended 
to lists of terms by r]Tz{si . . . Sm) = Yl'iLi Vn{si). 



PSN MODULO PERMUTATIONS FOR THE STRUCTURAL LAMBDA CALCULUS 



• 7?. is weakly normalizing (resp. strongly normalizing or terminating) if every 
s € 7^ is. 

A strong bisimulation between two reduction systems {S,—^s) and {Q,—^q) is a 
relation E C 5 x Q s.t. for any pair s E t: 

• If s —7-5 s' then there is t' s.t. t — t-q t' and s' E t', and conversely: 

• If t — T-Q t' then there is s' s.t. s —7-5 s' and s' E f'. 

A strong bisimulation for (S,^s) is a strong bisimulation between (5, — >5) and 
itself. In particular we shall make use of the following property whose proof is straightfor- 
ward: 

Lemma 1.1. Let E be a strong bisimulation between two reduction systems (5, —7-5) and 

(1) The relation E preserves reduction lengths, i.e. for any s Et 

• If s —^s s' then 3 t' s.t. t — t-q t' and s' E t' . 

• If t —^Q t' then 3 s' s.t. s —7-5 s' and s' E t' . 

(2) The relation E preserves strong normalization, i.e. for any s E t, s G SNs if o-nd 
only if t & <SMq . 

Given a reduction relation -^s and an equivalence relation E both on S, the reduction 
relation — t-^/e, called reduction S modulo E, is defined by t -^s/z u iS t E t' -^s u' E u. 

Lemma 1.2. Let E be a strong bisimulation for {S,—^s). Then, 

(1) The relation E can be postponed w.r.t -^s, ^-e. ~^*s/-e~^*s ^• 

(2) If -^s is confluent then -^s/z is confluent. 

(3) Ift e SMs, then t G SMs/e- 

Proof. Point [T] is straightforward by induction on the length of -^g/^ using the definition of 
strong bisimulation. Points [2] and [3] follow from Point [TJ □ 

We conclude this section by giving an abstract theorem that we will use to prove strong 
normalisation for different notions of reduction modulo. 

Theorem 1.3 (Termination for reduction modulo by interpretation). Let consider three 
reduction systems {A,^_Ai), (^j— ^^2) '^^d (S,— )-b). Let E (resp. F) be an equivalence on 
A (resp. B). Consider a relation R C ^4 x i?. Suppose that for all u,v, U 

(PO) uRU &i uEv imply 3V s.t. v RV k U F V. 
(PI) uRU k u ^Ai V imply 3V s.t. vRV k U ^*i^V. 
(P2) uRU k u ^A2 V imply 3V s.t. vRV k U ^^V. 
(P3) The reduction relation -^_Ai/e is terminating. 
Then, t R T k T ^ SMq/^ imply t G 57\A(^^|j_42)/e- 

Proof. Suppose t ^ 5A/'(_4^uyl2)/E- Then, there is an infinite (^iU^2)/E-reduction sequence 
starting at t, and since — t-^^^/e is a terminating reduction relation by (P3), this reduction 
has necessarily the form: 
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And can be projected by (-P0), (PI) and (-P2) into an infinite B reduction sequence as 
follows: 



t 


^A/E 


h 


~^A2/E 


t2 


^Ai/E 


ts 


^A2/F 


u 


^A/E 


R 




R 




R 




R 




R 




T 




Ti 


^B/F 


T2 


-^B/F 


T3 


^B/F 


T4 


^B/F 



Since T € SMjg/Y, then we get a contradiction. D 

2. The structural Aj-calculus 

We introduce in this section the structural Aj-calculus, which can simply be understood 
as a refinement of A-calculus. To be self-contained, we start this section by recalling the 
syntax and semantics of A-calculus. The set of A-terms, written Tx, is generated by the 
following grammar: 

(7a) t, u ::= x \ Xx.t \ tu 
Dynamics of A-terms is given by /3-reduction (noted -^p) which is defined as the closure by 
contexts of the following reduction rule: 

{Xx.t)u i-)-^ t{x/u} 

where the meta-operation t{x/u} on A-terms is just a particular case of the meta-operation 
on A j -terms given below. 

The structural Aj-calculus is given by a set of terms and a set of reduction rules. 
The set of A j -terms, written T, is generated by the following grammar: 

(T) t,u ::= X I Xx.t I tu \ t[x/u\ 

The term x is variable, Xx.t an abstraction, tu an application and t[x/u] a sub- 
stituted term. The object [x/u], which is not a term, is called a jump. The terms Xx.t 
and t[x/u] bind x in t, i.e. the sets of free/bound variables of a term are given by the 
following definitions: 

fv(x) := {x} bv(x) 



fv{tu) := f v(t) U fv{u) bv(tu) 

fv{Xx.t) := fv(t) \ {x} hv{Xx.t) 

fvlt[x/u]) := (fv(t)\{x}) Ufv(n) bv(t[2;/u]) 



bv(t) Ubv(ti) 

bv(t) U {x} 

bv(t) U{x}Uhv{u) 



A jump [x/u] in a term t[x/u] is called void if x ^ fv(t). The equivalence relation gen- 
erated by the renaming of bound variables is called a-conversion. Thus for example 
{Xy.x)[x/y] =a {Xy'.x')[x' /y]. The notation t^ is used for the empty sequence of terms if 
n = and for the sequence [ii; . . . ; t„] otherwise; i„ C 5 means that all the elements of the 
sequence belong to the set 5. If i, n G N we use vt^ for the term v if n < i and {vti)!^ 
otherwise; similarly, t[xi/uiW denotes the term t ii n < i and tlxi/uiWxi/uiY^^ otherwise; 
tit2 . . . tn {n > 1) denotes the application (. . . (^1^2) )tn', 
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The meta-level substitution operation is defined by induction on terms by using the 
fohowing equations on a-equivalence classes: 

x{x/u} := u 

y{x/u} := y 

{Xy.t){x/u} := \y.t{x/u} if y ^ f v(u) 

{tv){x/u} := t{x/u}v{x/u} 

t[y/v]{x/u} := t{x/u}[y/v{x/u}] if y ^ f v(u) 

We write t\>u or u<t when it is a (strict) subterm of t. Positions of terms are defined 
as expected (see [52], p. 643, for details); t\p denotes the subterm of t at position p and 
pos^.(t) denotes the set of all the positions p of t s.t. t\p = x. 

We use |t| to denote the size of t. We write \t\x for the number of free occurrences of the 
variable x in the term t, called the multiplicy of x in t. We extend this notion to sets of 
variables by |i|r := Sajgrl^U- A key notion used to define the semantics of the Aj-calculus 
is that of renaming: given a term t and a subset S C pos^(t) n f v(t), we write Ry'^{t) for 
the term t' verifying t'\p = t\p if p ^ S and t'\p = y if {t\p = x &i p & S). Thus for example, 

jj{lll,2},Z. ^ 

Hy (xzxxj = yzxy. 

When \t\x = n > 2, we write hy\ for any non-deterministic replacement of z (1 < 

i < n — 1) occurrences of a; in t by a fresh variable y, i.e. tr^i denotes any term Ry'^{t) s.t. 
|5| > 2 and S C pos^(t). Thus for example, {xxxx)[yj^ may denote (yxyx) or (xyyy) but 
not {yyyy). 

Contexts are generated by the following grammar: 

C ■.■.= a\Cv\vC\ v[y/C] I C[y/v] \ Xy.C 

We write C[i] to denote the term obtained by replacing the hole D in C by the term t. Thus 
for example Ax.2;[y/u;n][a;] = Xx.z[y/wx] (remark that capture of variables is possible). 
The binding set of a context is defined as follows: 

bs(n) := hs{t[x/C]) := bs(C) 

bs(tC7) := bs(C) hslc[x/v]) := bs(C) U {x} 

hs{Cv) := bsjc) hslXx.C) := \>s{C)U{x} 

We now consider the rewriting rules of the structural A-calculus (Figure [1]), which 
decompose the /3-rule into a finer set of rules. The letter L in the rule dB denotes a list 
[xi/iti] . . . [xk/uk] of jumps with fc € N (so potentially A; = 0) such that {xi, . . . ,Xk} n 
f v(u) = 0. The dB rule extends the usual B rule {Xx.t)u — >b t[x/u] by allowing to introduce 
some distance between the abstraction Xx.t and the argument u which is specified by means 
of a list of substitutions L. This natural extension comes from reading back a multiplicative 
cut in A j -dags or Pure Proof-Nets [HIT]. 

The substitution rules also deserve some explanation. The side conditions \t\x = 0, 
\t\x = 1 and \t\x > 1 are global on terms but local on graphs, simply because in the graph 
all the occurrences of the same variable are grouped together. Also, the (global) meta- 
substitution operation t{x/u} used in the right-hand side of the rule d is completely local 
on graphs. Similarly, the meta-operation tiy^ used in the right-hand side of the c-rule is an 
algebraic notation for the local operation on graphs which splits the co-located occurrences 
of x into two disjoint and non-empty sets, one of which corresponds to x, while the other 
is associated to the fresh variable y. Thus, the structural A-calculus can be seen as an 
algebraic language useful to study A j -dags and Pure Proof-Nets. 
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(Beta at a distance) {Xx.t)L u t-^^B t[x/u]L 

(weakening) t[x/u] i-^„ t if \t\x = 

(dereliction) t[x/u] i-)-(j t{x/u} if \t\x = 1 

(contraction) t[x/u] \-^c t^y^^[x/u\[y/u] if jtl^; > 1 

Figure 1: The A j -reduction system 

We close these rules by contexts, as usual: -^ii denotes the contextual closure of i-^-r,, 
for TZ C {dB,w, d, c}. We write — )-^w for the reduction relation — >-dB,d,c- The reduction 
relation ^►;^j (resp. — t-j) is generated by all (resp. all expect dB) the previous rewriting 
rules modulo a-conversion. 

An expected property of Aj is that the reduction relation Aj is stable by substitution. 

Lemma 2.1. Let t,u £ terms. 

• If t — )-Aj t' , then t{x/u} — )'aj t'{x/u}. 

• If u — )-Aj u' , then t{x/u} — )-^. t{x/u'}. 

In the rest of this section we shall prove the following properties of A j : full composition 
(Lemma I2.2p , simulation of one step /^-reduction (Lemma 12. 4p , termination and uniqueness 
of normal forms of the substitution calculus —t-j (Lemmas 12.91 and I2.10p . postponement of 
erasing reductions f Lemma 12. 12p and confluence of Aj (Theorem 12. 16p . 

2.1. Jumps and Multiplicities. The first property we show in this section is full com- 
position, stating that any jump [x/u] in a substituted term t[x/u] can be reduced to its 
implicit form t{x/u}. There are two interesting points. The first is that in contrast with 
most calculi of explicit substitutions, full composition holds with no need of equivalences. 
The second is that the proof is by induction on \t\x and not on the structure of t. 

Lemma 2.2 (Full Composition (FC)). Let t,u £ T. Then t[x/u\ — >^ t{x/u}. Moreover, 
\t\x > 1 implies t[x/u\ — J-j^c t{x/u}. 

Proof. By induction on \t\x- 

• If \t\x = 0, then t[x/u] — )•„ t = t{x/u}. 

• If \t\x = 1, then t[x/u] — )-d t{x/u}. 

• If \t\x > 2, then 

t[x/u] -^c tiy]Jy/u][x/u] ^+ {i.h.) 
Hy]Ay/u}[x/u] ^+ {i.h.) 

Hy]Ay/'^}{x/'^} = t{x/u} n 

Due to the very general form of the duplication rule of A j , we get the following corollary 
which together with full composition can be seen as a generalised composition property: 

Corollary 2.3. Given S C pos^(t) s.t. \S\ > 2, then t[x/u] — )-^ Ry'^{t){y/u}[x/u], where 
y is a fresh variable. 

Proof. The term ^[x/ii] c-reduces to Ry'^{t)[y/u][x/u]. We conclude by full composition. □ 
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Thus for example (x(xx))[2;/u] ^^. {x{ux))[x/u]. Note that this property is not enjoyed 
by traditional explicit substitution calculi: for instance, in Ax [6], the term (x(xx))[x/n] 
cannot be reduced to {x{ux))\x / u\. However, it holds in calculi with partial substitutions, 
as Milner's calculus Asub [33j . It is not difficult (see e.g. [22]) to define a translation T on 
terms such that t — ^-Asub *' implies T{t) — >-^. T(i'). This property allows in particular to 
deduce normalisation properties for Asub from those of Aj . 

The one-step simulation of A-calculus follows directly from full composition: 
Lemma 2.4 (Simulation of A-calculus). Let t € Ta- If t — )-^ t' then t -^^i ^'■ 

Proof. By induction on t — )-/3 t'. Let t = {Xx.u)v -^(s u{x/v}, then t — j-dB u[x/v] -^~^ 
(Lem. [X^ u{x/v}. All the other cases are straightforward. □ 

We now introduce a notion that will be useful in various proofs. It counts the maximal 
number of free occurrences of a variable x that may appear during a j -reduction sequence 
from a term t. 

The potential multiplicity of the variable x in the term t, written Px(^), is defined 



if X ^ fv{t), then Px{t) ■= 0; otherwise: 

= 1 

= Pxiu) 

= P^(n)+P^(^) 

= Px{u)+maix{l,Py{u))-Px{v) 



on a-equivalence classes as follows: 

Pxix) 

Vr,{\y.u) 

Px{uv) 

^x{u[y/v]) 

We can formalise the intuition behind Px{t) as follows. 
Lemma 2.5. Let t £ T. Then 

(1) \t\x<Px{t). 

(2) If t is a c-nf then \t\x = Pxit)- 

Proof. Both points are by induction on the definition of Px(i)- The only interesting case is 
when t = u[y/v]: the i.h. gives \u\x < Px{u), \u\y < Py{u) and \v\x < Pa:('^)) from which we 
conclude with the first point. For the second one, if t is a c-nf every relation given by the 
i.h. is an equality and \u\y = Py{u) < 1, otherwise there would be a c-redex. Then we get 
Px{t) = Pxiu) + maix{l,P y{u)) •Px(w) = \u\x + \v\x = \t\x. D 

Potential multiplicities enjoy the following properties. 

Lemma 2.6. Let t £ T. Let x, y, z be pairwise distinct variables. 

(1) IfueT and y ^ fv(u), then Py{t) = Py{t{x/u}). 

(2) // \t\x > 2, then Pz{t) = Pz{tiy]J and Px{t) = Pxit[y]J + Py{t[y]J, where the two occur- 
rences of the term tr^i denote exactly the same term. 

(3) Ift -^j t', then Py{t) > Py(t')- 

Proof. By induction on t. □ 
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By exploiting potential multiplicities we can define a measure of the global degree of 
sharing of a given term, and use this measure to prove that the j -reduction subsystem 
terminates. 

We consider multisets of integers. We use to denote the empty multiset, U to denote 
multiset union, and 3 (resp. d) for the standard order (resp. strict order) on multisets [5]. 
Given an integer n and a multiset M, n ■ M denotes if M = and the multiset [n ■ 
ai, . . . ,n ■ an] if M = [ai, . . . , a.„]. The j -measure of t € T, written jm(t), is given by: 

jm(x) := 

jm{Xx.u) := jin(u) 

jm{uv) := jm{u)Ujm{v) 

jm{u[x/v]) := [Pxiu)] U jm(n) U max(l, Px(n)) • jm(t;) 

Note that jm(n) = for n G 7a. Potential multiplicities are decreasing by j -reduction, 
and we are going to show that the j -measure is strictly decreasing; however both can be 
incremented by dB-steps. For example, consider t = {\x.xx)y -^^b {xx)[x/y\ = t' . We get 
P.y(t) = 1, Py{t') = 2, jni(t) = and jm(t') = [2]. 

The fact that the j -measure decreases by j -reduction is proved as follows: 

Lemma 2.7. Let t eT. Then, 

(1) jm(i) = jm(i[y]J. 

(2) // \t\x = 1, then im{t[x/u\) Zl im{t{x/u}). 

Proof. By induction on t. The proof of the first property is straightforward. For the second 
one we show [Px(0] U jin(t) U max(l,P2:(t)) • jm(M) Zl jm{t{x/u}), which proves the desired 
property. 

• t = X. Then [1] U jni(ti) Zl jni(n) = jm{x{x/u}). 

• t = ti[y/t2]. W.l.g we assume y ^ fv(n). 

If X € fv(ti), we reason as follows: 

[Px{t)] U jm(t) Umax(l,P^.(t)) • jni(u) = 

[P^(ti)] U [Py{ti)]U jm{ti) Umax{l,Py{ti)) ■ jm(t2) U max(l,P^.(ti)) • jm(n) Z^.^. 

[Pyiti)] U max(l, Py{ti)) ■ jni(t2) U jm(ti{x/n}) =j^^^ [QTTl 

[Py{ti{x/u})] U max(l, Py{ti{x/u})) ■ jm(t2) U jm(ti{x/u}) 

jm{ti{x/u}[y/t2]) 

jm{t{x/u}) 

If x G fv(f2), then 1 < Px(t2) by Lemma 12.5111 and so max(l,inax(l,Py(ti)) • Px{t2)) = 
max(l,Pj^(ii)) ■Px{t2) = max(l,Py(ti)) • max(l,P^(t2)). Therefore: 

[Px{t)] U jm(t) U inax(l, Px{t)) ■ jm(n) = 

[niax(l, Py{ti)) ■ Px{t2)] U [Pyiti)] U jm(ti) U max(l, Pj,(ti)) • jm(t2) 

U niax(l,niax(l, Py(ti)) • Pxit2)) • j^iu) = 

[niax(l, Py{ti)) ■ Px{t2)] U [Pyiti)] U jm(ti) U max(l, Pj,(ti)) • jm(t2) 

U max(l, Py(ti)) • max(l, Px{t2)) ■ j'^iu) = 

[Pyiti]] U jm(ti) U max(l, Py(ti)) • ([Px-(t2)] U jni(t2) U max(l, P^.(t2)) • jm(n)) Zi.,,. 

[Py(ti)] Ujm(ti)Ujm(t2 Wn}) 

jmit{x/u}) 

• All the other cases are straightforward. □ 
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Lemma 2.8. Let to €E T. Then, 

(1) to =a h implies jni(to) = jm(ti). 

(2) to — >j ti implies jm(to) Z\ jm(ti). 

Proof. By induction on the relations. The first point is straightforward, hence we only show 
the second one. We reason by cases. 

• to = t[x/u] — >■„ t = ti, with \t\x = 0. Then jni(to) = jni(t)Ul • jiii(ti)U [0] Zl jni(t) = jm(ti). 

• to = t[x/u] ^d t{x/u} = ti, with \t\x = 1. Then jm{t[x/u]) UlLem. [27712] J"'(H^ /^})- 

• to = t[x/u] — >c t[y]_^[x/u][y/u] = ti, with \t\x > 2 and y fresh. Then, Lemma [2.6121 gives 
[P,.(t)] D [Px.(t[j;]J] U [Pj,(t[j,]J] and thus: 

jm(to) = 

[P^(t)]Ujm(f)UP^.(t)-jm(n) 

[P^(t)] U jm(t) U {PAt[y]J + PyiHy].)) ' M^) =Lem\2im 

[P,.(t)] U jm(t[^]J U (P..(t[y]J + Py^y^J) ■ jm(n) ^Lem.[Ml2] 

[Px{t[y]J] U [Py(t[^] J] U jm(t[j,] J U PAHvlJ ■ Mu) U Py(t[j,] J • jiii(u) 

[Px.(t[j;]J] U [Pj,(t[^]Jx/n])] U jm(t[j,]J UP^(t[y]J • jm(u) UP^(t[^]Jx/n]) • jm(n) = 

KiHy]Jx/u])] U jni(t[j^]Jx/u]) UPy(t[y]j2;/u]) • 2m{u) = jni(ti) 

• to = t[x/n] -^ t'[x/u] = ti, where t — > t'. Then: 

jm(to) = [Px(t)]U jni(t)Uniax(l,P^(t))- jni('u) Di./^. 

[P,(t)] U jiii(t') U max(l, P,(t)) • jm(n) ^^^^ ^^ 
[P^(t')] U jm(t') Umax(l,P^(t')) • jni(u) = jm(tl) 

• All the other cases are straightforward. □ 

The last lemma obviously implies: 

Lemma 2.9. The j-calculus term,inates. 

Furthermore: 

Lemma 2.10. The ^-reduction relation is confluent and terminating. Moreover, if ^{t) 
denotes the (unique) ] -normal form oft, then the following properties hold: 

j(x) = X j(to) = j(u)j(t;) 

j(Ax.u) = Ax.j(u) j(u[x/i;]) = j(M){x/j(t;)} 

Proof. One easily shows that — t-j is locally confluent, then Lemma 12.91 allows to apply 
Newman's Lemma [52] to conclude with the first part of the statament. The second part 
can be shown by induction on the structure of terms. Particularly, when t = n[x/w] one 
has u[x/v] — )•* j('u)[x/j(t')] ^j" (Lem. [2^ j{u){x/j{v)}. It is then sufficient to note that 
j -normal forms are stable by substitutions of j -normal forms. □ 

We conclude this section by showing another important property of Aj concerning the 
postponement of erasing steps. We first need the following lemma: 

Lemma 2.11. Lett eT. Then: 

(1) t — >„— >^„ t' implies t -^^^^^ *'■ 

(2) t — >+-^-,„ t' implies t ->-,„— ^+ t' 

Proof. Point [J is by induction on the relations and case analysis. Point [2] is by induction 
on the length of — >-^ using Point (H D 
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Let US use r : t — t-* t' as a notation for a reduction sequence, the symbol ';' for the 
concatenation of reduction sequences and |t|-,„ for the number of — >-,w steps in r. Then we 
obtain: 

Lemma 2.12 (u-postponement). Let t e T. If t : t -^*^. t' then 3 t' : t -^l^^^l t' s.t. 



^'1 



Proof. By induction on /c = |r|-,j,. The case /c = is straightforward. Let A; > 0. If 
r : t ^--,1, u -^*x^ t' then simply conclude using the i.h. on the sub-reduction p : u ^^. t'. 
Otherwise the sequence r starts with a w-step. If all the steps in r are w, then we trivially 
conclude. Otherwise r = t„;— )■-,„; p where r„ is the maximal prefix of r made out of 
weakening steps only. By Lemma 12.11121 we get that t — ^-.w^'j^JP t' and we conclude by 
applying the i.h. to — ^j"; p. D 

2.2. Confluence. Confluence of calculi with ES can be easily proved by using Tait and 
Martin Lot's technique (see for example the case of Aes [20]). This technique is based on 
the definition of a simultaneous reduction relation which enjoys the diamond property. It 
is completely standard so we give the statements of the lemmas and omit the proofs. 

The simultaneous reduction relation ^Xj is defined on terms in j -normal form as 
follows: 

• X ^Xj X 

• If t ^Aj t' ■, then Xx.t ^^j Ax.i' 

• If t ^Aj t' and u ^Aj "u', then tu ^^j ^'u' 

• If t ^Aj t' and u ^Aj ""') then {\x.t)u ^aj 2{^'[x/u']) 

Note that the third and fourth cases overlap, thus for example, [\x.II)II ^aj {^x.I)I and 
{\x.II)II ^Aj I-, where / denotes the identity function \y.y. 
A first lemma ensures that ^aj can be simulated by — )-aj . 

Lemma 2.13. If t ^aj t' , then t ^\. t' . 

Proof. By induction on t ^aj *'• D 

A second lemma ensures that — >-aj can be projected through j(-) on ^aj- 
Lemma 2.14. If t ^aj t' , then j(t) ^aj j(i')- 
Proof. By induction on t — )-aj t' . □ 

The two lemmas combined essentially say that ^aj is confluent if and only if -^\^ 
is confluent. Then we show the diamond property for ^ajj which implies that — t-aj is 
confluent: 

Lemma 2.15. The relation ^aj enjoys the diamond property. 

Proof. By induction on ^aj and case analysis. □ 
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Then we conclude: 

Theorem 2.16 (Confluence). For all i £ {1,2}, for all t,Ui £ T s.t. t — )-^. Ui, 3f s.t. 
Ui ^l^ V. 

Proof. Let t — )-L Ui for i = 1,2. Lemnia l2. 141 gives j(t) ^L j(tij) for i = 1,2. Lemma 12.151 
implies ^aj is confluent so that 3v such that j(nj) ^^. t; for i = 1,2. We can then close 
the diagram with Uj — 7>j j{ui) -^^i "" ^^ Lemma 12.131 □ 

While confluence holds for all calculi with explicit substitutions, metaconfiuence does 
not. The idea is to switch to an enriched language with a new kind of (meta)variable of 
the form X , to be intended as a named context hole expected to be replaced by terms 
whose free variables form a subset of A. This form of metaterm is for example used in 
the framework of higher-order unification [18]. In presence of meta- variables not all the 
substitutions can be computed. For instance in the metaterm Xy[y/z] the jump [y/z] is 
blocked. Consider: 

These metaterms are different normal forms. However, it is enough to add the following 
equation to recover confluence: 

t[x/u][y/v] ~cs t[y/v][x/u] if y ^ fv(u) & x ^ fv{v) 

A proof of confluence of A j modulo CS for metaterms can be found in [38] . 

3. Preservation of /3-Strong Normalization for Aj 

A reduction system 7?. for a language containing the set 7a of all A-terms is said to enjoy 
the PSN property iff every A-term which is /3-strongly normalizing is also 7^-strongly 
normalizing. Formally, for all t € 7a, if t G SN p, then t E SJ\fiz. 

The PSN property, when it holds, is usually non-trivial to prove. We are going to 
show that Aj enjoys PSN by giving a particularly compact proof. The proof technique has 
been developed by D. Kesner [21]; it reduces PSN to a property called IE, which relates 
termination of Implicit substitution to termination of Explicit substitution. It is an abstract 
technique not depending on the particular rules of the calculus with explicit substitutions. 

A reduction system 7^ for a language Tn containing the set 7a is said to enjoy the IE 
property iff for n > and for all t,u £T\, v^ C 7a: 

u G SM-R k t{x/u}v\ G SNn & t[x/u]v\ G Tn imply t[x/u]v\ G SN-r. 

Of course one generally considers a system TZ which can simulate the A-calculus, so that 
the following properties seem to be natural requirements to get PSN. 

Theorem 3.1 (Natural Requirements for PSN). Let TZ be a calculus verifying the following 
facts: 

(FO) Iftl QTxn SMn, then xt\ G SMn- 

(Fl) IfueTxCi SNn, then Xx.u G SMn- 

(F2) IfveTxn SMn & u{x/v}t\ eTxn SMn, then {\x.u)vt\ G ^A^T^. 

Then, IZ enjoys PSN. 

Proof. We show that t G SM p implies t G SMn by induction on the pair {rjj3{t), \t\), using 
the lexicographic ordering. We reason by cases. 



14 B. ACCATTOLI AND D. KESNER 



• If t = xt^, then ti E SMp and (rji^^ti), |tj|) <;ex (^/3(*)i 1^1 )• We have ij G iSA/'t^ by the i.h. 
and thus xi^ € SM-jz by fact FO. 

• If t = Xx.u, then u G ^A/"^ and {r]p{u), \u\) <iex (^/3(*)) \A)- We have u G ^A^t^ by the i.h. 
and thus Xx.u G SM-ji by fact Fl. 

• If t = {Xx.u)vt^^ G SJ\f/3, then ti{3;/t;}t„ G 57\A/3 and v G SJ\f p. Indeed, rjp{u{x/v}t^) < 
rip{t) and ?7/3(v) < 'r]p{t). We have that both terms are in SM-ji by the i.h. Then F2 
guarantees that t G SN-ji- D 

Now we show that A j satisfies the three natural requirements of the last theorem, and thus 
it satisfies PSN. 

Lemma 3.2 (Adequacy of IE). // Aj verifies IE, then Aj satisfies PSN. 

Proof. By Theorem 13.11 it is sufficient to show FO, Fl and F2. The first two properties 
are straightforward. For the third one, assume u G 7a n SMxj and it{x/u}t„ G 7a n SMxy 

Then in particular u,v,t^ G 7a riSM\y We show that t = {Xx.u)vtn G SMxj by induction 
on r]\j{u) + r]xj{v) + Sj r]xj{ti). For that, it is sufficient to show that every Aj-reduct of t 

is in SM\y If the Aj-reduct of t is internal we conclude by the i.h. Otherwise t = u[x/v]t^ 
which is in SAfxj by the IE property. □ 

As a consequence, in order to get PSN for Aj we only need to prove the IE property. For 
that, we first generalise the IE property in order to deal with possibly many substitutions. 

A reduction system 7^ for a language Tn containing the set 7a is said to enjoy the 
Generalised IE property, written GIE, iff for all t,^^ ("t- ^ l))^n ('^ ^ 0) ^^ 'Tn^ 
if u^ Q SN-ji & t{xi/ui)]^vl^ G SAfiz, then ^[xj/tij]^!;^ G SAfxj, where Xi / Xj for 
i,j = l...m and Xi ^ fv{uj) for i,j = 1 . . .m. 

Theorem 3.3 (GIE for Aj). The Xj-calculus enjoys the GIE property. 

Notation: To improve readability of the proof we shall abbreviate the notation [xj/uj]^ 
by [•],;'„. Similarly for implicit substitutions. 

Proof. Suppose u^ G SAfx^ & t{^i/ui}mVn ^ '5A/'aj- We show to = i[xi/ui]l^vl^ G SMxj by 
induction on: 

{VXiit{xi/u,i}lj]l), Vj3^(t), r]xj{ul,)) 

where V2,.(t) = 3l*l^i and ^^l^it) = T.i(zm■Vx^{t). 

To show to G SMxj it is sufficient to show that every Aj-reduct of to is in SAfxy 

• to -^Aj t[-]^j-.i[xj/u'j][-ym'^vl = to with Uj ^Aj u'j. Then we get: 

- vxM-Vj-ii^j/^'jH-ynt' vi) < vxM-VmO^ 

— v^i does not change, and 

- r]Xi{u]^iu'jui;t^) < VXiiuln)- 

We conclude by the i.h. since uj_iu'Mm G SMxj and our hypothesis t{xj/uj}^I;^ G 
SJ\fxj is equal or reduces to t{-}^_-^^{xj /u'A{-}m vj^ G SJ\fxj (depending on |t|^^. ). 

• ^0 — ^Aj t'Dln^n = ^0 with t — >Aj t' . Then we have that: 

VXj{t'{-}ivi) < ^Aj(i{-}m^n) 

We conclude by the i.h. since t'{-};'„U^ G SMxy 
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^0 — ^Aj ^[•Im^'i ■ ■ ■ v'^ . . . Vn = tQ with Vi — s-^j f^. Then we have that: 

We conclude by the i.h. since t{-}l„vi . . .v[. . .Vn S SMxj . 
to — ^w *[•]}_! ['Irn vj^ = t'(j, with \t\xj = 0. Then we have that: 

But v_i -j+i{t) < v^i (t). We conclude by the i.h. since t{-}]_-.{-}m uj, = t{-}Lvl^ G 
SAfxj by hypothesis. 

to ^d t[-]]_^{xj/uj}[-]i;t^vi = t'Q with \t\^^ = 1. Note that tj, = t{xj/uj}[-]]_^[-]i^^vi. 
Then we get: 

r?Aj(t{x,/nj}{-}]„i{-}4+l7;l) = VxM-VmV'n) 

Since the jumps are independent, then (xi[_iUxm )nfv(u,) = implies v_i -j+i (t{xj/uj}) < 

v^i (t). We conclude since t{-}j_i{xj /uj}{-ym vlt = ij'lm^n ^ '^■^Aj by hypothesis. 
*o -^c t[y]^ [■]]_i[xj /uj][y /ujJD^-^vl = I'q with \t\^^ > 2 and y fresh. Then, 
'?Aj(t[j/],^,{-}}-i{2;j/%}{2//nj}{-}^^I;^) =7?Aj(t{-}^uJ,)) and 
''x]_,x,yxi+'(Hyh,) < %}„(*)• In o'^de^ to apply the i.h. to t^y]^^ we need: 



—1 — i+i 

Uj_^, Uj , Uj , Urn 



£ SMxy This holds by hypothesis. 



~ ^ly]x {'}]-i{^j/''^j}{y/'^j}{'}m ^n £ '^A/'aj. This holds since the term is equal to 
t{'}lnyn which is SAfxj by hypothesis. 

Note that this is the case that forces the use of a generalised sequence of substitutions: 
if we were proving the statement for t[x/u]vn using as hypothesis u G SAfxj & t{x/u}vl^ G 
SAfxj then there would be no way to use the i.h. to get t[y]^[x/u][y/u]Vn G SMxy 
• to = {Xx.t')[-]lnViv'^ -^aB t'[x/vi][]lnVn = tQ. We have that: 

UQ = {Xx.t'){-}l^vivl G SMxj 

holds by hypothesis. Then: 

UO -^6B t'{-}ln[x/vi]vl = t'[x/vi]{-}l^vl = Uq 

Thus ^Aj(^o) < ^Ajl^io) and Uq G SMxj- Since n^ G SMxj by hypothesis we can apply 
the i.h. and get tp G SMxj ■ D 

The following is a consequence of Thereom 13.31 just take the number of substitutions m to 
be 1 and consider only the GIE property for 7a C T. 

Corollary 3.4 (IE for Aj). The Xj-calculus enjoys the IE property. 

Corollarv 13.41 then Lemma 13.21 and finally Theorem 13.11 implv: 

Corollary 3.5 (PSN for Aj). The Xj-calculus enjoys PSN, i.e. if t £ Tx ^SMp, then 
t G SMxi ■ 

Note that Lemma 13.21 and Theorem 13.31 which contains the arguments for PSN, do not 
use full composition, nor termination of — t-j, confluence or postponement of erasures: none 
of the properties of A j plays a role in this compact proof of PSN, which is quite surprising. 
The crucial point is the formulation at a distance of the rewriting rules. Indeed, we will 
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later show that such a simple proof does not longer work when rules propagating jumps are 
added to the system. 

4. An equational theory for Aj 

Sections [5] and [3] show that the basic theory of Aj enjoys good properties such as full 
composition, confluence and PSN. In most calculi with explicit substitutions, where substi- 
tutions are propagated through constructors and do not act at a distance, full composition 
can only be obtained by adding an equivalence relation =cs defined as the contextual and 
reflexive-transitive closure of the following equation: 

t[x/s\[y/v] ~cs t[y/v][x/s\ if X ^ fv{v) k y ^ fv{s) 

Otherwise a term like x[y/z][x/w] cannot reduce to its implicit form w[y/z] = x[y/z]{x/w} 
(and so full composition does not hold). Interestingly, Aj enjoys full composition without 
using equation CS, which is remarkable since plain rewriting is much easier than rewriting 
modulo an equivalence relation. 

However, as mentioned at the end of Section [221 the equation CS is necessary to recover 
confluence on metaterms. It is then natural to wonder what happens when =cs is added 
to A j . The answer is extremely positive since =cs preserves all the good properties of Aj , 
and this holds in a very strong sense. In fact, =cs is a strong bisimulation for (T, — t-aj) 
(c/. Lemma [4.2p . so that =cs can be postponed w.r.t. —^xj {cf. Lemma [1.2p and Aj modulo 
=cs enjoys PSN (c/. Lemma ri.ll2p . 

As already mentioned in the introduction, A j -terms and A j -dags [1] are strongly bisim- 
ilar, but the translation of Aj-terms to Aj-dags is not injective, i.e. there are different 
A j -terms which are mapped to the same Aj-dag. It is then interesting to characterise the 
quotient induced by the translation [1], which turns out to be =cs: indeed t =cs u if and 
only if t and u are mapped to the same Aj-dag G, and since they both behave like G {i.e. are 
strongly bisimilar to G), then they behave the same {i.e. they are strongly bisimilar). 

The A j -calculus is also interesting since it can be mapped to another graphical language, 
Danos' and Regnier's Pure Proof-Nets, being able to capture untyped A-calculus. It 
is possible to endow Pure Proof-Nets with an operational semanticqj which makes them 
strongly bisimilar to Aj. The quotient induced by the translation from Aj-terms into Pure 
Proof-Nets is given by the graphical equivalence =□ which is the contextual and reflexive- 
transitive closure of the equations in Figure [2l 

t[x/s][y/v] ~cs t[y/v][x/s] ii x ^ fv{v) k y ^ fv{s) 
Xy.t[x/s] r^ai {Xy.t)[x/s] iiy^tv{s) 
t[x/s\v ~(J2 {tv)[x/s\ iix^fv{v) 

Figure 2: The graphical equivalence =o 



Danos' and Regnier's original operational semantics does not match exactly Aj because they use a big- 
steps rule for eliminating exponential cuts, which corresponds to use just one substitution rule f[a;/M] — >■ 
t{x/u}. However, the refinement of Pure Proof-Nets where duplications are done small-steps is very natural 
from an explicit substitution point of view, altough — to our knowledge — it has never been considered 
before. 
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This means that Pure Proof-Nets quotient more than Aj-dagqj. As for =cs, =o is a 
strong bisimulation (c/. Lemma [4. 2p . and thus confluence and PSN of Aj automaticahy hft 
to — >Aj/o (c/- Theorem 14. 3p . which is the reduction relation Aj modulo =o. 

Another way to explain the o-equivalence is by means of linear constructors. Indeed, 
the body of an abstraction cannot be duplicated nor erased by the abstraction itself — in this 
sense an abstraction is linear in its body. Similarly, explicit substitutions are linear with 
respect to their left subterm, while they are non-linear with respect to their right subterm, 
i.e. the content of the jump, which may be duplicated or discarded. Applications are linear 
in their left subterm but they are non-linear in their argument, because they can wrap it in a 
jump. This linear /non- linear classification reflects the fact that jumps and arguments (and 
only them) are associated to !-boxes in Proof-Nets, the non-linear construction of Linear 
Logic. The equations defining =o can be understood as a permutation between a jump and 
a linear subterm of the adjacent constructor. 

It is then natural to wonder if =o can be extended with equations permuting jumps 
with non-linear subterms (see Figured! page [22]) . without breaking confluence and PSN. 
The answer is yes; the obtained equational theory is called the substitution equivalence 
=obox5 and the fact that Aj modulo =obox enjoys PSN is the main result of this paper. 

Extending =o to non-linear permutations is delicate from a termination point of view, 
since the use of non- linear equations affects reduction lengths. Indeed, the natural but naive 
extension of =o breaks PSN. By analyzing a counter-example to PSN we define =obox so 
that PSN turns out to be true. The proof of this fact, however, is more involved than that 
for =cs and =o, mainly because =obox is not a strong bisimulation. Therefore, we shall 
develop a new technique for proving PSN modulo =obox- 

Section 14.11 starts over by explaining the equivalence =o in terms of Regnier's a- 
equivalence [37], providing a different point of view with respect to what was already 
mentioned. Section 14.21 discusses how to extend =o to =obox by showing the difficulties 
to prove PSN for the obtained extension. Section [5] develops the proof of PSN for Aj 
modulo =obox- 

4.1. The graphical equivalence. Regnier's equivalence =^ is the smallest equivalence 
on A-terms closed by contexts and containing the equations in Figure El 

{Xx.Xy.t)u ~^j Xy.{{Xx.t)u) if y ^ f v(m) 
{Xx.tv)u ~CT2 iXx.t)uv if X ^ f v(f ) 

Figure 3: The equivalence =5- 

Regnier proved that two (T-equivalent terms have essentially the same operational behavior: 
=CT is contained in the equational theory generated by /3-reduction, i.e. =^C=i3, and if 
t =5- t' then the maximal /^-reduction sequences from t and t' have the same length (the 
so-called Barendregt's norm). That is why Regnier calls =5- an operational equivalence. 



Aj-dags can be mapped on Pure Proof-Nets, and once again the map is a strong bisimulation. 
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It is then natural to expect that the previous property can be locally reformulated in 
terms of a strong bisimulation, namely, 

t -^p u t — )-^ u 

=a implies =^ =a 

t' t' ^p u' 

Unfortunately, this is not the case. Consider the following example, where grey boxes 
are used to help the identification of redexes and their reductions: 

= u 






t' = ^x.{Xy.y))zi )Z2 ^p {>'y-y)z2 



u' 



The term t' has only one redox whose reduction gives u' which is not =CT-equivalent to 
u, the reduct of t. The diagram can be completed only by unfolding the whole reduction: 



Xy.{ {Xx^Tr)z2 -^13 ^!f^27zr ^T^ z^ 



t' = (^p.(Ay.y))zi )z2 ^g i>^y-y)z2 ^/3 Z2 

Note that the second step from t' reduces a created redex. 

We are now going to analyze =s- in the framework of A j . For that, Regnier's equivalence 
can be understood on Aj-terms by first removing the dB-redexes. Indeed, let us take the 
clauses defining =^ and let us make a dB-reduction step on both sides, thus eliminating the 
multiplicative redexes as in Regnier's definition: 

{Xx.Xy.t)u '^5-^ Xy.{ {Xx.t)u ) ( (Xx.t)u )v ^^2 (Xx.{tv))u 



Xy.{ {Xx.t)u ] 


idB 


Xy.{t[x/u]) 



^-dB ^-dB sI'dB 4-dB 

{Xy.t)[x/u] Xy.{t[x/u]) t[x/u]v {tv)[x/u]^ 

Now, =5- can be seen as a change of the positions of jumps in a given term and par- 
ticularly as a permutation equivalence of jumps concerning the linear constructors of the 
calculus. 

This is not so surprising since such permutations turn into simple equalities when one 
extends the standard translation of A-calculus into Linear Logic Proof-Nets to Aj-terms (see 
for example |24j). Another interesting observation is the relationship between =5- and the 
equivalence =cs introduced in Section 12.21 To understand this point we proceed the other 
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way around by expanding jumps into /3-redexes: 

=cs 





t[y/v] [x/u] 


■ 


( {Xy.t)v)[x/u] 


tdB 


■{Xx.{TXyTW))u 



t[x/u] 



{Xy. t[x/u] )v 



t 



dB 



{Xx.t)u )}M 



Note that the relation between the resulting terms is contained in =5-, that is why it was 
not visible in A-calculus: 

{Xx .{{Xy .t)v))u ~5-2 {Xx.Xy.t)uv ~ct^ {Xy.{{Xx.t)u))v 

In [1] it has been proved that two A j -terms t and t' are translated to the same Pure 
Proof- Net if and only if t =(j,cs t' ■ More precisely, this relation can be given by the 
graphical equivalence =0 already defined in Figure [2j 

The equations defining =0 are specified by means of local permutations, but it is also 
possible to define =0 in terms of global permutations. First, define a spine context S as: 

S ::= D I Xx.S \ St \ S[x/t] 

and then define =0 as the context closure of the following equation --^o: 

Slt[x/u]j ~o Sltj[x/u\ if bs(5) n fv(n) = and |t|, = |5Itl|^ 

The two definitions are easily seen to be equivalent. We shall now prove that =0 is a 
strong bisimulation, which will immediately imply (Lemma ll.ip that =0 preserves reduction 
lengths. This property is stronger than the one proved by Regnier for =5-, since it holds for 
any reduction sequence, not only for the maximal ones. 

Lemma 4.1. Let E be the equivalence relation CS or o, and t,t' (^ T s.t. t =e t' . Let u & T. 
Then: 

(1) \t\x = \t'\x- 

(2) For all S C pos^.(t) there is S' C pos^.(t') s.t. \S\ = \S'\ and Ry'''{t) =e Ry'''{t'). 

(3) t{x/u}=Et'{x/u}. 

(4) u{x/t} =E u{x/t'}. 

Proof. Straightforward inductions. □ 

Lemma 4.2. The relations =cs CLnd =0 are strong hisimulations for Aj . 

Proof. We prove the statement for =0 . The proof for =cs is obtained by simply forgetting 
the cases {~cri,~o-2}- Assume to =0 ^i holds in n-steps, which is written as to =0 *i) ^'^d 
let ti — )-Aj si. We show 3 sq s.t. to ^•Aj so =0 si by induction on n. 

The inductive step for ?i > 1 is straightforward. For n = 1 we reason by induction on the 
definition of to =0 ti, given by the closure under contexts of the equations {~cs; ~o-n ^0-2}- 
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We only show here the cases where to =o ii is contextual, all the other ones being 
straightforward. 

• If to = t[x/u] =0 t'[x/u] = ti -^xj t'[x/u'] = si, where t =o t' and u -^xj u', then we close 
the diagram by to — ^Aj t[x/u'] =o si- 

• The case to = t[x/u] =o t[x/u'] = ti — >aj t'[x/u'] = si, where u =o u' and t — >-aj t' is 
analogous to the previous one. 

• If to = t[x/u] =0 t'[x/u] = ti — )-Aj t"[x/u] = Si, where t =o t' — )-aj t", then by the i.h. 
3 t'" s.t. t ^Aj t'" =0 t". We close the diagram by to ->aj t"'[x/u] =1 si. 

• The case to = t[x/u] =o t[x/u'] = ti — >aj t[x/u"] = si, where u =o u' — >aj u" is analogous 
to the previous one. 

• If to = t[x/u] =0 t[x/u'] = ti — )•„ t = si, where u =o u' and jtl^,. = 0, then to — >w * = ^i. 

• If to = t[x/u] =0 t'[a;/tt] = ti — )•„ t = si, where t =o t' and \t'\x = 0, then the previous 
remark implies \t\x = and we close the diagram by to — >» t =o t' = si. 

• If to = t[x/u] =0 t[x/u'] = ti — )-c t[j^]^[a:;/u'][y/n'] = si, where u =o u' and jtl^,- > 1, then 
we close the diagram by to ^c * = t[y]Jx/u][y/u] =1 t[y]Jx/u'][y/u']. 

• If to = t[x/u] =0 t'[x/u] = ti — >c t'r 1 [x/M][y/ii] = Si, where t =o t' and jt'l^,. > 1, then we 

first write tr , as Ry ' (t'), where 5' C poSf-,{x) and |S"| > 2. Lemma 14.1111 gives |t|x- > 1 

and Lemma [4.1121 gives S C pos^(a;) verifying \S\ = \S'\ and Ry '^(t') =o Ry^{t). Then, 
we close the diagram with to — >c R'y'^{'t)[x/u][y/u] =o t| , [j;/m][2//u]. 

• If to = t[2;/n] =0 t[x/u'] = ti ^d t{x/u'} = si, where u =o n' and \t\x = 1, then 
t[x/ii] ^d t{x/u} =0 t{x/M'}, where the last equivalence holds by Lemma [4.1141 

• If to = t[x/u] =0 t'[x/u] = ti — J-d t'{x/u} = si, where t =o t' and \t'\x = 1. Then, 
t[x/u] — )-d t{x/ii} =0 t'{x/u} where the last equivalence holds by Lemma [4.1111 131 D 

A consequence (c/. Lemma ll.2p of the previous lemma is that both =cs and =o can be 
postponed, which implies in particular the following. 

Theorem 4.3. The reduction systems (T, — 7>aj/cs) Q'^c? (T, — )-aj/o) f^'^e both confluent and 
enjoy PSN. 

Proof. Confluence follows from Lemma [4. 2 1 and Theorem l2.16l bv application of Lemma [1.2l2| 
while PSN follows from Lemma 14.21 and Corollary 13.51 bv application of Lemma 1 1.11 □ 

Actually, — ^aj/o is equal to =o— '•Aj=o- In the framework of rewriting modulo an equiv- 
alence relation there are various, non-equivalent, forms of confluence. The one given by 
Theorem 14.31 is the weakest one, but the Church-Rosser modulo property also holds in our 
framework. 

Theorem 4.4 (Church-Rosser modulo CS and o). Let E be the equivalence relation CS or 
o. If to =E h, to ^Ij/E ^0 and ti ^aj/e ""i' ^^^"^ 3t;o,ui s.t. uq ^aj/e ""O' ^i ^Aj/e ■"! """^ 

vq =E'yi- 

Proof. By Lemma 14.21 and Lemma 11.21 □ 

We finish this section with the following interesting property. 

Lemma 4.5. The reduction relation j/o is strongly normalizing. 

Proof. The proof uses the measure jni() used to prove Lemma 12.91 and the fact that t =o t' 
implies jm(t) = jin(t'). D 
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4.2. The substitution equivalence. Composition of explicit substitutions is a sensible 
topic in the literature, it is interesting to know if Aj can be extended with a safe notion of 
(structural) composition. 

The structural A-calculus is peculiar since composition of substitution is provided na- 
tively, but only implicitly and at a distance. Indeed, a term t[x/u][y/v] s.t. y G iv{u) & y € 
f v(t) reduces in various steps to: 

t[x/u{y/v}][y/v] 

but not to the explicit composition t[x/u[y/v]][y/v]. One of the aims of this paper is to 
prove that adding explicit composition to Aj preserves PSN and confluence. 

The second aim concerns explicit decomposition. Indeed, some calculi [3611311 HOt 116 ^ 115) 
explicitly decompose substitutions, i.e. reduce t[x/u[y/v]] to t[x/u][y/v]. We show that PSN 
and confluence hold even when extending Aj with such a rule. 

More generally, having a core system, Aj , whose operational semantics does not depend 
on propagations, we study how to modular ly add propagations by keeping the good prop- 
erties. We have already shown that Aj is stable with respect to the graphical equivalence, 
which can be seen as handling propagations of jumps with respect to linear constructors. 
We proved that Aj/o is confluent and enjoys PSN (Theorem 14. 3p . What we investigate here 
is if we can extend it to propagations with respect to non-linear constructors. 

The idea is to extend =o to =n, where =ii is the the contextual and reflexive-transitive 
closure of the relation generated by {CS,ai,a2} plus: 

{tv)[x/u] ~box" tv[x/u] ii X ^ iv{t) 

t[y/v][x/u] ~^„^o t[y/v[x/u]] ii x ^ fv{t) 

In terms of global permutations =ii can be defined as the context closure of C[t[x/'u]] ~ii 
C[t][x/u] where |t|a; = |C[i]|a;, and C is any context (not just a spine context) which does 
not capture the variables of u. These equations are constructor preserving (same kind 
and number of constructors), in contrast to more traditional explicit substitution calculi 
containing for instance the following rule: 

{tu)[y/v] ^o t[y/v]u[y/v] 

which achieves two actions at the same time: duplication and propagation of a jump. In 
Aj/n there is a neat separation between propagations and duplications, so that no propa- 
gation affects the number of constructors. The rule — >-@ can be simulated in Aj/n only in 
the very special case where t and u both have occurrences of y. In our opinion this is not 
a limitation: the rule — )-@ is particularly inefficient since it duplicates even if there is no 
occurrence of y at all, thus it is rather a good sign that Aj/n cannot simulate -^@. 

The reduction relation Aj/n does not enjoy PSN, since it is a bit naive on the way 
it handles void substitutions. The following counter-example has been found by Stefano 
Guerrini. Let u = {zz)[z/y], then: 

t = u[x/u] = {zz)[z/y][x/u] =boxf' izz)[z/y[x/u]] -^^ 



'^2 



{ziZ2)[zi/y[x/u]][z2/y[x/u]] ^+ y[x/u]{y[x/u\) 
{yy)[xi/u][x/u] =^a {yy)[xi/u[x/u]] 



"(T2,box5,a 
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The term t reduces to a term containing t and so there is a loop of the form t — t-"^ Co[t] — t-"^ 
Co[Ci[i]] — )'"^ .... Now, take to = {^x.{{\z.zz)y)){{Xz.zz)y), which is strongly normalizing 
in the A-calculus. Since to Aj/n-reduces to t, to is not A j /n-strongly normalizing and thus 
Aj/n does not enjoy PSN. It is worth to note that, in contrast to Mellies counterexample 
for Ao- [32], the dB-rule has no role in building the diverging reduction: the fault comes only 
from the jump subsystem j modulo =n. 

The key point of the previous counter-example is that the jump [x/u] is free to float 
everywhere in the term since x has no occurrence in t. Such behavior can be avoided by 
imposing the constraint "x G fv{v)" to box^ and box2. This has also a natural graphical 
justification in terms of Pure Proof-Nets ([I], Chapter 6, page 149), since such constraint 
turns box5 and boxg into the exact analogous of the commutative box-box rule of Linear 
Logic Proof-Nets, but used here as an equivalence relation. We then modify ~box" ^^^ 
~boxO by introducing the equivalence =box as the contextual and reflexive-transitive closure 
of the equations in Figure HI 

{tv)[x/u] ~boxi tv[x/u\ if x ^ ^'^i't) & a; € iv{v) 

t[y/v][x/u] ~box2 t[y/v[x/u]] if x ^ f v(t) & a; G f v(f ) 

Figure 4: The equivalence =box 

Now, we redefine =ii in the following way. The substitution equivalence =obox is the 
smallest equivalence closed by contexts containing all the equations in Figure [5j 

t[x/s] [y/v] ~cs t[y/v] [x/s] if x ^ fv{v) ky^ f v(s) 

Xy.{t[x/s]) -,, {Xy.t)[x/s] ify^fv(s) 

t[x/s]u ~o-2 {tv)[x/s] if X ^ f v(f ) 

{tv)[x/u\ ~boxi tv[x/u\ if X ^ f^(0 & X € fv(f) 

t[y/v][x/u] ~box2 t[y/v[x/u]] if x ^ f v(t) & x G f v('u) 

Figure 5: The substitution equivalence =obox 

Alternatively, =obox can be defined by the context closure of the following global permutat- 
ing equations: 

Clt[x/u]j -obox Cltj[x/u] if bs(C) n fv(n) = and \t\^ = \Hltj\^ > 
5It[x/n]l -obox Sltj [x/u] if bs(5) n f v(n) = and |tU = |5[tl U = 

where C is any context and 5 is a spine context. 

It is now natural to study Aj-reduction modulo =obox- It is easy to prove that the jump 
calculus terminates with respect to the new equivalence =obox so that the previous coun- 
terexample to PSN is ruled out. We need an auxiliary lemma about potential multiplicities 
and the j -measure. 

Lemma 4.6. Let to,ti G T. If to =obox ^i then: 

(1) Pz(to) = Pz{ti) for every variable z. 

(2) jm(to) = jm(ti). 

Proof By induction on =obox- The base cases are easy calculations, the inductive cases use 
the i.h. D 
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Lemma 12.81 and Lemma 14.6121 together proves the fohowing corollary. 
Corollary 4.7. The reduction relation j/obox is terminating. 

5. Preservation of /3-Strong Normalization for Aj/obox 

The structural A-calculus modulo =obox is an incredibly subtle and complex rewriting sys- 
tem, and proving PSN is is not an easy task. Some of the difficulties are: 
• The relation =obox is not a strong hisimulation. It is not difficult to see that Aj is confluent 
modulo =obox (essentially the same proof than for Aj). However, =obox does not preserve 
reduction lengths to normal form, i.e. it is not a strong bisimulation. Two examples can 
be given by analysing the interaction between =obox with erasure and duplication. Here 
is an example for erasure: 

z[x/y][y/u] ^„ z[y/u] 



^box2 



^w 



z[x/y[y/u]\ ^„ z 
and here another one for duplication: 

{xx)[x/y][y/z\ ^c {xxi)[x/y][xi/y][y/z] -^c {xxi)[x/yi][xi/y2\[yi/z][y2/z] 

^box2 ^obox 

{xx)[x/y[y/z]] ^c {xxi)[x/y[y/z]][xi/y[y/z]] =„ {xxi)[x/yi[yi/z]][xi/y2[y2/z]] 

Indeed, if =obox would have been a strong bisimulation, then in both diagrams the 
two terms of the second column would be =obox-equivalent, while they are not (remark 
that =obox preserves the number of constructors so that those terms cannot be =obox- 
equivalent). 

• The relation =obox cannot be postponed. The last example shows also that =obox cannot 
be postponed. This is illustrated by the upper left corner of the previous figure: 

{xx)[x/y][y/z] ->c {xxi)[x/y][xi/y][y/z] 

^bOX2 

{xx)[x/y[y/z]] 

Observe that this phenomenon is caused by the equation ~box2 • Remark that both com- 
position {i.e. — >'box2) and decomposition (box2^) are used in Guerrini's counterexemple. 

• There is no canonical representant of equivalence classes which is stable by reduction. 
Indeed, there are two natural canonical representants in Aj/obox. Given t we can define 
in(i) as the term obtained by moving all substitution towards the variables as much as 
possible and out(t) the term obtained moving substitutions far from variables as much 
as possible. Consider t = x[x/{Xy.z[z/y])x'] ^dB x[x/z[z/y][y/x']] = t', then out(t) = 
x[x/{Xy.z[z/y])x'] does not reduce to out(i') = x[x/z][z/y][y/x']. Similarly, for the other 
representative since in(t) = {x[y/z]z)[z/z'] does not reduce to in(t') = xz[z/z']. 

In [3] we proved that Aj enjoys PSN in the cases where the equations {~boxi, ~box2} are 
both oriented from left to right or from right to left. Here we prove PSN considering them as 
equivalences. Surprisingly, the proof of this more general result is relatively more compact 
and concise than the one(s) in [3]. Indeed, even if we need to pass through an auxiliary 
calculus, such a calculus can be proved to enjoy PSN without using labels, in contrast to 
our previous result and proof. 
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Let us explain our technique. Even if there is no canonical representative form of an 
obox-equivalence class which is stable by reduction (c/. Section r4.2p . there is an even more 
natural way to reason about PSN in the presence of the non-trivial equations {boxi,box2} 
which consists in projecting Aj/obox over a simpler equational calculus. Since both the 
calculus and the projection are quite peculiar we introduce them gradually. 

A usual naive idea consists in projecting Aj/obox into the A-calculus by means of a 
function computing the complete unfolding of jumps. This gives the following diagram: 

t -^Xj u 
I* ij (5.1) 

m ^} j{u) 

This principle could be easily exploited in order to prove some properties of A j /obox (such 
as confluence), however, this projection erases divergent sub-terms, therefore it cannot be 
used to prove PSN. For instance, consider t = x[y/Q] (where ri is a non-terminating term), 
which is only A j -weakly normalizing, whereas j(i) = x is in normal form. It is easy to 
show that projection of terms without void jumps preserves divergence and thus PSN. 
Unfortunately, erasures cannot be postponed in Aj/obox. 

Roughly speaking, the projection gives j(i) — ^^ j(n) so that there are some steps 
t -^xj u s.t. j (t) = j (u). It is not really a problem if such (erased) steps are finite, but here 
there may be infinite sequences of such (erased) steps. It is then quite natural to change the 
complete unfolding j into a non-erasing unfolding wj, which does not project void jumps: 

wj(x) := X 

wj(Ax.u) := Ax.wj(n) 

yijiuv) := wj(n)wj(u) (5.2) 

^^(f\^/„]\ .- / wj(t){x/wj(n)} ifxGfv(i) 

wjiqx/njj .- I wj(t)[x/wj(n)] if x ^ f v(t) 

Note that there are still some erased steps, as for instance t = x[x/y] — >d y = u, where 
wj(*) = y = wj(u), but intuition tells that wj preserves divergence, because diverging terms 
are no longer erased by the projection. Note also that the image of the projection of the 
previous reduction step t — ^^ u is no longer a reduction step in the A-calculus, so that 
we need to specify which are the rewriting rules and the equations of the image of the 
translation. 

For didactive purpose let us assume that we are able to turn the image of the projection 
into a calculus — let us say Avoid/o — such that wj projects Aj/obox into Avoid/o and 
preserves divergence. Two important remarks are: since wj(-) preserves divergence, then 
PSN for Avoid/o implies PSN for Aj/obox; also, the Avoid/o-calculus does not contain 
the equations {boxi,box2} because they were turned into equalities thanks to their side 
conditions. 

It is then reasonable to expect that proving PSN for Avoid/o is easier than PSN for 
Aj/obox. Our proof technique can then be summarised as follows: 

(1) Introduce Avoid/o; 

(2) Prove PSN for Avoid/o; 

(3) Show that wj(-) preserves divergence from Aj/obox to Avoid/o; 

(4) Conclude PSN for Aj/obox. 
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^/3 


t{x/u}L 


if x e f v(i) 


^dB 


t[x/u]L 


lix ^ fv{t) 


^w 


t 


if X ^ fv{t) 



Section [5.11 presents the rewriting rules of Avoid/o, thus completing point 1. Section 
deals with point 2 and Section [5.31 with points 3 and 4. 

We believe that the isolation of Avoid/o is an important contribution of this paper. 
Indeed, it is easy to see that Avoid/o should contain at least the three following rewriting 
rules: 

(Ax.t)L u 
(Ax.t)L u 
t[x/u\ 
More precisely, 

• The reduction step t = {Xx.x)y — )-dB x[x/y] = u projects into wj(f) = (Xx.x) y -^p y = 
wj(u). 

• The reduction step t = {\x.z)y — >dB ^[x/y] = u should map to itself, i.e. wj(t) = 
{Xx.z)y ^dB z[x/y] = wj(u). 

• The reduction step t = z[x/y] ^„ z = u should map to itself, i.e. wj (t) = z[x/y] — )•„ z = 
wj(i). 

However, projecting on such a simple calculus still does not work. There are three phenom- 
ena we should take care of: 

(1) Equations. As we already mentioned =boxi and =box2 vanish, that is, t =boxi,box2 ^ 
implies wj(t) = wj(m). The graphical equivalence, instead, do not vanish, and must be 
added to the intermediate calculus, thus getting the reduction relation to be considered 
modulo =0. 

(2) Generalised erasure. Consider: 

t = z[x/yiy2\[yi/vi][y2/v2] ^„ z[yi/vi][y2/v2] = u 

where wj(t) = z[x/viV2] and wj(u) = z[yi/vi][y2/v2]. Hence the w-rule t[j;/s] — > t if 
\t\x = must be generalised in order to replace the jump [x/s] by many (eventually 
none) jumps containing subterms of s. We shall then use the following (Hydra like) rule 

t[x/u] i->-h ^[xi/mi] . . . [xn/un] Vz (xj fresh &i Ui<u Sz fv(uj) C fv(n) & n > 0) 

Where Ui <\u means that Uj is a subterm of u. The condition upon free variables is 
necessary in order to avoid unwanted captures inducing degenerated behaviors. Note 
that the particular case n = gives the w-rule. 

(3) Unboxing: An erasing step t —^^ u can cause jumps to move towards the root of the 
term. Consider: 

t = {zz[x/y])[y/v\ ^„ {zz)[y/v\ = u 

where wj(t) = zz[x/v\ and wj(n) = {zz)[y/v\ =ct {zz)[x/v\. Hence, to project this step 
over Avoid/o we need a rule moving jumps towards the root of the term, which could 
have in principle the general form: 

Clt[x/u]l^Clt\[x/u] 

This rule is the one that shall demand a more involved — but still reasonable — technical 
development. Indeed, reduction that moves any jump towards the root modulo =o may 
cause non-termination: 

Xx.x[y/ z\ -^ {\x.x)[y/ z\ =o \x.x[y/ z\ —)•... 
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In order to avoid this problem we restrict the general form of the rule to a certain kind 
of contexts, those whose hole is contained in at least one box, i.e. the argument of an 
application or the argument of a jump. 

We now develop a PSN proof for A j /obox. Section 15.11 formally defines the intermediate 
calculus Avoid/o, while Section [5.21 proves PSN for the intermediate calculus Avoid/o and 
Section 15.31 proves the properties of the projection which allows us to conclude PSN for 
A j /obox. 

Let us conclude this section by observing that the generalised erasure and the unboxing 
rules are introduced to project the w-rule and not the equations {boxi,box2}. Said in other 
words, to prove PSN of the simpler calculus Aj (resp. Aj/o) through the wj projection 
into Avoid (resp. Avoid/o), one still needs the generalised erasure and the unboxing rules. 
That is why we believe that the technique developed here is really interesting by itself. 

5.1. The Avoid/o-calculus. The Avoid/o-calculus can be understood as a memory calcu- 
lus based on void jumps. It is given by a set of terms, written Tv, generated by the following 
grammar, where only void jumps are allowed: 

(7^) t, u ::= X I Xx.t I tu \ t[_/u] 

The notation t[_/u] just means that the constant _ has no (free) occurrence in the term t 
and [-/s] denotes a list of void jumps [-/si] . . . [-/sn]- 

To define the operational semantics we need to define a particular kind of context. 
More precisely, if C denotes a context then a boxed context B is given by the following 
grammar: 

B ::= tC I t[_/C] \ Bt \ B[_/t] \ Xy.B 
We now consider the reduction rules and equations in Figure [6l The notation L in the rules 
dB and /3 means a list [-/''^i] • • • [-/^^fc] of void jumps where /c € N (so potentially k = 0). 

{Xx.t)L u i-7'/3 t{x/u}L if X G f v(i) 

{Xx.t)L u i-^dB *[-/'"]L if a; ^ f v(t) 

t[-/v\ i->h i[-/'"i] • • • [-/^n] ^^ {ui<u h fv{ui) C f v(ti) &: n > 0) 

Blt[_/u]j h^u Bltj[_/u] 5 does not bind n 

tUs][_/v] ~cs t[_/v][_/s] 

Xy.{t[_/s]) -,, iXy.t)[./s] if y ^ Ms) 

t[-/s]v -,, itv)[-/s] 

Figure 6: The Avoid/o-reduction system 

Note that the w-rule t[x/u] — >■ t with x ^ fv(t) of Aj is a particular case of the h-rule. 
Remark also that the unboxing rule of Avoid/o moves void jumps outside terms, which 
was forbidden in the equation box2 of A j /obox. However, this does not break PSN because 
there is no boxing rule in Avoid/o. Indeed, Guerrini's counterexample uses both boxing 
and unboxing. 

We write t — s-Avoid/o ^' iff t =o ^i —^ Avoid t'l =o t' , where —>■ Avoid is the reduction relation 
generated by the previous rewriting rules {/3, dB,h, u} and =o is the equivalence relation 



PSN MODULO PERMUTATIONS FOR THE STRUCTURAL LAMBDA CALCULUS 27 



defined in Figure [2] but restricted here to tlie Avoid-syntax. As before, —7-7^ denotes the 
contextual closure of 1— )-7^, for TZ C {/3,dB,h,u}. 

We now show some properties of the new memory reduction system which are used in 
Section [O] to show PSN. 

Lemma 5.1. Let u,v,s E Tv- If u< s and x ^ fv{u), then u < s{x/v}. 

Proof. By induction on s. □ 

Lemma 5.2. Let tQ,ti,UQ,ui G Tv- 

• Ifio ^h,u/o *i *^s^ to{x/uo} ^^Ju/o ti{x/uo}. 

• Ifuo ^h,u/o ^1 then t{x/uo} ^^.u/o H^/ui}- 

Proof. Straightforward. □ 



Lemma 5.3. Let t,v,u,Si G 7^. Let x € fv(t;). Then t[_/v{x/u}] — )-^ t[_/s][_/u], where 
Si<v and fv(sj) C fv{v) and x ^ fv(sj). 



Proof. Straightforward, the case t[_/v{x/u}] = t[_/s][-/u] happening in particular when 
V = X and [_/s] is empty. D 

Lemma 5.4. Let t,u,v e%. If y ^ ^^i't) then t{y/v[_/u]} -^^^,^ t{y/v}[_/u]. 

Proof. By induction on t. □ 

Lemma 5.5. Let to, ^i, "^^ G %. Ift^ -^^ ti, x £ fv(to) and x fv(ti), then tQ{x/v} — ^^^/q 
ti[-/v]. 

Proof. By induction on the number of steps from to to ti, and in the base case by induction 
on the reduction step from to to ti. 

• to = no[_/Mi] ^-h Uo[_/vi] . . . [-/^m] = ti, where Vi < ui and iv{vi) C fv{ui). Then x G ui 
and X ^ no and x ^ Vi so that 

uo[./ui]{x/v} = uo[-/ui{x/v}] -^h {Lem. [O]) uo[./vi] . . . [./vm][-/v] 

• to = Xy.UQ — > Ay. til = ti, where uq ^- ui. Then, 

{Xy.uo){x/v} = \y.uo{x/v} ^^.u/o (*-^-) Ay.ui[_/w] =<^j ( Ay. ui )[_/';;] 

• to = uqvq — >■ uiiJo = ti, where uq ^ ui. Then, 

{uoVo){x/v} = uo{x/v}vo ^h,u/o {i-h.) ui[./v]vo =^2 {uiVo)[-/v] 

• to = uo[-/vo] — > ui[-/vo] = ti, where no ^^ ui. Then, 

uo[-/vo]{x/v} = uo{x/v}[_/vo] ^l^/^ (i.h.) ui[_/ v][_/ vq] =cs ui[_/vo][_/v] 

• All the remaining cases are straightforward. □ 
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Corollary 5.6. Let to,ti,v € %■ If to -^^^/^ ii, x € fv(to) and x ^ fv(ti), then 
to{x/v}^l^/^ti[_/v]. 

Proof. By induction on the number of h-steps in the reduction ig ~^i^ / ^i- Note first that 
^■u and =0 do not loose free variables. 

• If there is only one h-step, then the reduction is of the form t ^* /^ uq — t-^ ui — >*/q t'. We 
have t{x/v} ^^/^ uo{x/v} ^^^^^ (Lem. ESD ui[_/v] ^^^^ t'[_/v]. 

• If there are n > 1 h-steps, then the reduction is of the form to ~^u/o ^o ~^h ^i -^t / ti, 
with n — 1 < n h-steps from ui to ti we consider two cases. 

If X € fv(wo) n f v(iii), then x is lost in the subsequence ui -^^^/^ ^i- We thus have 
to{x/v} ^l/^ uo{x/v} ^h ui{x/v} -^l^/^ {i.h.) ti[./v\. 

If X e fv(uo) \ fv(ui), then to{x/v} ^*/^ uq{x/v} ^;^u/o "i[-H {Lem. [53]) ^^u/o 
ti[-/v]. ' ' D 

5.2. Preservation of /3-Strong Normalization for Avoid/o. The proof of PSN for 
Avoid/o we are going to develop in this section is based on the IE property (c/. Section [3]) 
and follows the main lines of that of Theorem 13.31 Indeed, given u € SJ\f\-^oi.A/o aiid 
t{x/u}v\ € (SA/" Avoid we show that s = t[_/u]v]^ G ^A/" Avoid by using a measure on terms 
which decreases for every one-step Avoid/o-reduct of s. However, PSN for Avoid/o is much 
more involved: first because of the nature of the reduction rules {li,u}, second because of 
the equivalence =o. 

A first remark is that jumps in Avoid/o are all void so in particular they cannot be 
duplicated. As a consequence, there is no need at first sight to generalise the IE property to 
terms of the form t[-/ui\]y{v\ as we did before (Theorem 13. Sp . However, there are now new 
ways of getting jumps on the surface of the term. Indeed, if t = \y.t'[_/v\ and y ^ fv{v) 
one has s = t[_/u\vl^ =o {Xy.t')[_/v][_/u\vl^ Things are even more complicated since jumps 
can also be moved between the arguments vi, . . . ,Vn as in: 

s^,{{\y.t'[./v])v^)Uu]vl 

The opposite phenomenon can happen too, i.e. the jump [_/n] can enter inside t, for 
instance: 

s=oXy.{t'Uv][_/u])vi 
The main point is that the measure we shall use to develop the proof of the IE property 
needs to be stable by the equivalence =o, i.e. if s =o s', then s and s' must have this same 
measure. 

In order to handle this phenomenon we are going to split s in two parts: the multiset 
SJ[(s) of jumps of s which are or can get to the surface, and the trunk T(s), i.e. the 
term obtained from s by removing all the jumps in SJI(s). This splitting of the term is then 
used to generalise the statement of the IE as follows: 

If T(s) G SJ\f xvoid/o and u G SM Xvoid/o for every [_/u] G SJ(s) then s G SAfxvoid/o- 

An intuition behind the scheme of this proof is that the term T(s) and the jumps in 
§J(s) are dynamically independent, in the sense that any reduction of s can be seen as an 
interleaving of a reduction (eventually empty) of T(s) and reductions (eventually empty) 
of elements of SJ(s). Indeed, the void jumps in SJ(s) cannot be affected by a reduction of 



PSN MODULO PERMUTATIONS FOR THE STRUCTURAL LAMBDA CALCULUS 



29 



T(s), since none of their free variables is bound in s, and cannot affect a reduction of T(s) 
since they are void. The unboxing rule slightly complicates things, but morally that is why 
the new generalised form of the IE property holds. 

The attentive reader may wonder why we cannot handle the equivalence =o by using 
a strong bisimulation argument, as in the case of Aj/o (c/. Theorem 14. 3p . Unfortunately, 
=0 is not a strong bisimulation for Avoid as the following example shows: 

x[_/t[./x]v] ^h x[_/t[_/x]] 

x[_/{tv)[./x]] ^h ?° 

Before starting with the technical details of the proof let us add two more important 
remarks. First, we have just used T(s) and SJI(s) for didactic purposes, the actual definitions 
are parametrised with respect to a set of variables (those which can be captured in the 
context containing s). Moreover, in order to simplify the proofs we will not work directly 
with §J(s): we are going to define a parametrised predicate SNSJIr(s); which is true when 
all the jumps in §J(s) are in SMxYoid/o^ ^^^ a parametrised measure MSJp(s), built out 
from the elements of §JJ(s). Second, the unboxing rule makes some inductive reasonings 
non-trivial, so we isolate them in an intermediate lemma (Lemma. 15. lip . 

Given s £ Tv and a set of variables F, the trunk Tr(s) is given by the following inductive 
definition: 

"" ' ^ X 

Trit)u 

Ax.Tru{x}(i) 

Tr(t) iffv(n)nF = 

Tr (t) [-/u] otherwise 

Note that x € fv(s) and x € F implies x € Tr(s). Next, we define a predicate on Tv which 
is true when all surface jumps contain terminating terms: 

SNSJr(x) 

SNSJIr(Ax.t) 

SNSJr(i[-/w]) 
SNSJr(t[-/u]) 

Observe that s G SM)^ 

For any term s (z Tv s.t. SNSJr(s) we define the following multiset measure: 

ISJr(2;) 

IISJIr(*)uMSJr(u) 

mru{x}{t) 

IlSJr(t) U [(7?Avoid/o(^), 1^1)] if fv(n) n F = 

KSJr (t) U MSJp (u) otherwise 

Now, we can reformulate a generalised statement for the IE property on Void jumps as 
follows: 



Tr(x) 

Tr(iii) 

Tr(Ax.i) 

Tr{t[-/u]) 

TritUu]) 



true 

SNSJJr(i) 
SNSJJru{.}(t) 

SNSJJr(i) & « e SMxvoid/o 
SNSJIr(i) 
' Avoid/o implies in particular SNSJIp(s) for any set F. 



if f v(n) n F 
otherwise 



ISJIr(tti) 
ISJIr(Ax.t) 

ISJr (*[-/-"]) 
IISJJr(i[-/^i]) 



(VIE) For all t G ?;, if T0(t) G SM Xvdd/o and SNSj0(i), then t G SMx^ad/o- 
Some lemmas about basic properties of Tr(t), SNSJp(t) and MSJp(t) follow. 
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Lemma 5.7. Let t £ % and x ^ fv(t). Then TruiaijlO = ^^^it) and §NSJIru{x}(*) iff 

§NSJr(i)- 

Proof. Straightforward. □ 

Lemma 5.8. Let t,u £% s.t. fv(t) C r. Then, 

(1) t^^Tr(i). 

(2) Ifx^r then Tru{x} (t)Wn} ^* Tr{t{x/u}). 

Proof. 

(1) Straightforward induction on t. 

(2) By induction on t. 

• t = x. Then Tru{x}{t){x/u} = n ^* {Point^ Tr(n) = Tr{t{x/u}). 

• t = y. Then Tru{a;}(i){2^/^} = y = Tr{t{x/u}). 

• The cases t = Xy.v and t = uv are straightforward using the i.h. 

• t = v[_/w]. Let us analyse one particular case in detail, the other ones being similar 
can be proved by application of the definitions and the i.h. Let us suppose Tr\fv{w) = 
0, X G fv{w) and F n f v(u) = 0. Then 

^ru{x}{t){x/u} = TY^j{^y{v)[./w]{x/u} = Tyu{x}{v){x/u}[./w{x/u}] and 
Tr{t{x/u}) = Tr{v{x/u}[_/w{x/u}]) = Tr{v{x/u}). The i.h. gives 
'^ru{x}iv){x/u} -^^ Tr{v{x/u}) and so we conclude with 

Tru{x}iv){x/u}[_/w{x/u}] ^* Tr{v{x/u})Uw{x/u}] ^^ Triv{x/u}) D 

Lemma 5.9. Let t,u e % andx ^T. If EnE>Sru{x}{t), SNSJrN and TYu{x}{t){x/u} G 
■SMx^o±d/o thenSnSSr{t{x/u}). 

Proof. By induction on t using Lemma |5.7[ □ 

Lemma 5.10. Let tQ £ Tv s.t. Tr(to) £ <SJ\f Xvoid/o '^^'^ SNSJr(*o)- If to =o ^i then 
SNSJr(^i) and Tr(io) =o Tr(ii) and MSJr(io) = MSJIr(*i)- Thus in particular the equality 
^A™id/o(Tr(io)) = ^Avoid/oCrr(*i)) holds. 

Proof. By induction on to =0*1- D 

The next lemma deals with the unboxing rule, which requires a complex induction. 

Lemma 5.11. Let t^ £ % s.t. Tr(to) G SMx^oia/o and §NSJr(to)- If to = S|s[_/u]] ^u 
i?|s][_/M] = ti, where B does not hind u, then SNSJ[p(ti) and: 

* //rnfv(n) = then 

- Either Tr(to) = Tr(ti) and MSJr(*o) ^ MSJIr(ti), 

- OrTr(to)^hirr(ti); 

* //r n fv(n) ^ then Tr(to) ^+h/o ^^iti). 

Proof. By induction on B. 

* Base cases: 

- B = vC: then to = vCls[./u]j ^^ {vClsj)[./u] = ti. Hence Tr(to) = Tr{v)Cls[./u]j 
and §NSJr(to) iff SNSJr(v). There are two cases: 

(1) rnfv(n) = : then Tr(to) ^h Tr(?;)C|s] = Tr(ii). To show SNSJIr(ii) we need 
SNSJJr(^) & w G SJ^Xvoid/o- The first point is equivalent to SNSJIr(*o)) which 
holds by hypothesis, the second holds since u is a subterm of Tr(to) S '5A/'Avoid/o • 
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(2) rnfv(n) /0 : then Tr(to) ^u (Tr(^)C|s])[_/u] = Tr(ti). To show SNSJ[r(ii) we 
need SNSJIr(u), which holds by hypothesis. 

— B = v\-/C]: there are four cases: 

(1) r n fv(n) = fc r n fv(CH) = : thenTr(to) = Tr(f) = Tr(ti). Also, SNSJr(to) 
so that SNSJIr(z;) & C[s[_/n]l G SMx^o±d/o- To show SNSJr(^i) we need C|s] G 
5A/'Avoid/o & n G SMx^oid/o, which clearly follows from C[s[_/u]] G SMx^oid/o- 
We still need to show that MSJr(to) ^ MSJrC^i) which holds because MSJr(*i) 
is just MSJIr(*o) where the multiset [(r/Avoid(C[s[_/u]]), |CIs[_/m]1|)] G MSJr(to) is 
replaced by the strictly smaller multiset [(?7Avoid(C'['S]), |C|s]|), (7?Avoid (it) ) \'^\)]- 

(2) r n fv(n) = fc r n fv(CM) / : then 

Tr(to) = Tr{v)[-/ C{s[_/u]\] ^, Tv{v)[-/Cls}] = Tr(ti) 

Also, SNSJIr(*o) imphes SNSJr(v)- To show §N§Jr(ti) we need SN§JJr(w) ^u^ 
5A/'Avoid/oi which then holds by hypothesis and because u is a subterm of Tr(to) ^ 

'5A/'Avoid/o- 

(3) r n fv(n) y^ fc r n fv(CM) = : then 

Tr(io) = Tr(T;)[_/C[s[_Hl] ^u 1r{v)l/Cls\][_/u] ^, Tr{v)l/u] = Tr(ti) 

Also, SNSJr(io) implies SNSJIr(i^)- To show SNSJIr(ii) we need SNSJIr(w) & C\s\ G 
^A^Avoid/oi which holds by the hypothesis and the fact that C\s\ is a subterm of 
a h-reduct of Tr(to) G SNx^oi.d/o- 

(4) r n fv(n) ^ fc r n fv(CH) 7^ : then 

Tr(io) = Tr{v)l/Clsl/u]\] ^, Tr(i;)[_/CH][_/n] = Tr(ii) 

Also SNSJr(*o) implies SNSJIr(i^), which is equivalent to §NSJr(ti). 
Inductive cases: 

- B = B'l/v]: We have to = B'[s[_/u]\[_/v] ^, B'ls\[_/v][_/u] = h. Also B'ls[./u]j ^^ 
-B'|s][_/u] and the hypothesis Tr(to) £ <SJ^Xvoid/o and SNSJr(*o) imply in particular 
Tr(B'[s[_/n]l) G SJ\f x^o±d/o and SNSJr(S'[s[_/n]l). The i.h. gives §NSJr(S'[sl[-/u]) 
and we distinguish several cases: 

(1) r n f v(n) = fc r n f v(7;) = : The hypothesis SNSJr(to) imphes in particular 
V G SMxvoid/o and the i.h. SNSJr(5'Is] [_/«]) gives SNSJr(^' W) fc n G SMx^oid/o, 
so we conclude also SNSJr(ti). We now consider two cases: 

(a) If no = Tr{B'ls[./u]j) = Tr(S'|s][_/n]) andMSJr(S'[s[-/n]]) D MSJr(^'W)U 
[(^Avoid/o(w), \u\)], thenTr(to) = uq = Tr(ti) andMSJr(io) = MSJr(B'[s[_/n]l)U 
[{rix.oid/o{v),\v\)] D M§Jr(S'[sl) U [{vx.o±d/o{u),\u\)] U [(??Avoid/o(t'), It'l)] = 
MSJr(ti). 

(b) If uo = TriB'ls[./u]j) ^h Tr{B'lsj[./u]) = m, then Tr(to) = ^o ^h ^i = 
Tr(ti). 

(2) rnfv(n) = fcrnfv(7;) ^0 -. The i.h. SNSJr(^'W[_/n]) gives SNSJr (-B' [s] ) & u G 
•S-^fxvoid/o^ SO we conclude also SNSJIr(ti). We now consider two cases: 

(a) If no = Tr(S'Is[_/n]]) = Tr(5'W[_/n]) andMSJp(B'[s[_/n]]) D M§Jr(5'|sl)U 
[{Vx.oid/o{u), \u\)], thenTr(to) = uo[-/v] = Tr{B'lsj)[./v] = Tr(ti) andMSJr(to) ■ 
MSJr(S'[s[_/n]]) UMSJr(n) D MSJr(S'[sl) U [(??Avoid/oM, |nj)] UMSJr(i') = 
MSJr(ti). 

(b) If no = Tr{B'ls[./u]j) ^^ Tr{B'lsJUu]) = ui, then 

Tr(to) = uoUv] ^t ui[./v] = Tr{B'ls})[./v] = Tr(ti) 
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(3) rnfv(n)/0 : Then the i.h. gives t^o = Tr(5'[.s[_/n]l) ^+^/^ Tr(B'[s][_/n]) = m. 
We consider the fohowing cases. 

(a) Tr\fv(v) = : then 

Tr(to) = no ^+^/, m = Tr{B'ls})[./u] = Tr(ti) 
Also SNSJr(to) imphes v e sXf x^oid/o and the i.h. §NSJr(-B'|s][_/u]) imphes 
SNSJIr(B'[s]), we thus conchide SN§J[r(ti). 

(b) r n fv{v) ^ : then 

Tr(to) = uo[./v]^+^^^mUv] = Trm4)[-/u][-/v] ^o 

Tr{B'lsj)[_/v]Uu] = Tr(ti) 
Also, the i.h. SNSJr (-B' [s] [_/u] ) implies SNSJp(B'[s]), we therefore conclude 
SNSJIr(ti). 

— The cases B = Xy.B' and B = B'w are similar to the previous ones. 

D 

The following lemma states that the measure we use for proving VIE for Avoid/o 
decreases with every rewriting step. 

Lemma 5.12. Let to e Tv s.t. Tr(to) ^ SN\^o±d/o o,nd §NSJr(io)- If ^o — >Avoid h then 
§NSJr(ii) and 

- Either Tr {to) ^toid/o^rih) or 

- Tr(to) = Tr(ti) and MSJIr(io) ^ MSJIr(ii). 

Proof. By induction on to —^ Avoid *!• 
• Base cases: 

— If to = (Ax.s)L u — s-dB s[_/n]L = ti, where x ^ f v(s). 

Let L := [_/vi] . . . [./vk], Q := {v, \ T n iv{vi) / 0,i G {1, . . . , /c}} and Q := {v^ \ T n 
fv{vi) = fl>,i € {1, . . . , k}}. Define Lq the sublist of L containing only the elements in 
Q. We have 

* SN§Jr(*o) iff SNSJru{x}(s) =Lem [52]SNSJr(s) and Vj e SMx^oid/o for every Vj G 

Q. 

-k Tr(to) = {Xx.Tru{x}{s))LQ u =Lem.\5ll(^^-^r(.^))^Q ^■ 
There are two cases: 

(1) rnfv(u) 7^0 . We have Tr(ti) = Tr{s)[-/u]LQ. Then Tr(to) ^dB irr(ti). More- 
over, §NSJr(ti) iff SNSJr(s) and Vj G 5A/';^void/o foi^ every Vj £ Q , which holds 
by the hypothesis SNSJr(io)- 

(2) rnfv(n) = . We have Tr(ti) = Tr(s)LQ. Then Tr(to) ^dB Tr(s)[-/n]LQ ^h 
Tr(s)LQ = Tr(ti). Moreover, SNSJJr(*i) iff SNSJIp(s) and u G SJ\f x^oid/o and Vj G 
•SJ^Xvoid/o fo^^ every Vj G Q. The first and third parts follow from the hypothesis 
SNSJIr(to) while the second one follows from the hypothesis Tr(to) G SAfxvoid/o- 

— to = (Ax.s)L u -^p s{x/u}'L = ti, where x G fv(s). 

Let L, Q, Q and Lq be as in the previous case. We have 

• §NSJr(to) iff SNSJru{x}(s) and Vj G SM x^oid/o for every Vj G Q. 
-k Tr(to) = (A3;.Tru{x}('5))LQ u with x G Tru{^|(s). 

Then Tr(to) ^p Truw(s)Wn}LQ ^^ ^^em.^M Tr(s{x/u})LQ = Tr(ti). Thus in 
particular 1:yu{x}{s){x/u} G SM x^oid/o- 
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Since -u is a subterm of Tr(to)5 then u £ SM x^oid/o a-iid so SNSJIr('")- Then SNSJr(^i) 
iff §NSJIr(s{2;/u}) and Vj G SMx^oid/o ^or every Vj G Q. The first part holds by 
Lemma [5^91 the second one from the hypothesis §NSJr(io)- 

— to = ''^[-/■^] ^'h ^i[-/^i] • • • [-/vk] = ti, where k > 0, Vj <v for all j and fv{vj) C fv(t;). 
There are two cases: 

(1) rnfv(7;) = : we have that SNSJIr(to) implies SN§JIr(ti). Then Tr(to) = Tr(u) = 
Tr(ti), moreover the multiset [{rjx^oidiu), \u\)] of MSJp(to) is replaced by the fol- 
lowing multiset of MSJr(*i): [(??Avoid(^^i),|^^i|),---,(?7Avoid(^fc),|^^fc|)]- Since r?Avoid(^') > 
??Avoid(^i) and \v\ > \vi\ we thus conclude M§Jp(to) Zl MSJIp(ti). 

(2) r n f v(f ) / : let Q and Q as in de dB-case. Then SNSJr(ti) iff the terms in Q are 
SAf\void/o and §NSJr(u) holds: the former requirement holds because Tr(to) = 
Tr(u) [_/-;;] and so u G <SM Xvoid/o^ the latter because SNSJJr(to) iff SNSJr(M). Last, 
Tr(ti) = Tr(u)LQ, where Lg is the list of substitutions associated to the elements 
in Q, then 

Tr(to) = Tr{u)[./v] ^^ Tr(n)LQ = Tr(ii) 

— to = -B|[s[_/n]l ^u S|s][_/n] = ti. This case holds by Lemma EUl 
• Inductive cases: 

— to = u[-/v] ^-Avoid '^[-/v'] = ti where v — 7>Avoid v' . We consider three cases. 

(1) fv{v) n r = fc fv(t;0 n r = : WehaveTr(to) = Tr(u) = Tr(ti). Also SNSJIr(to) 
implies v G SJ\fxvoid/o so that v' G ^TV^Avoid/o and thus SN§J[r(ti). Finally, 

M§Jr(io)= M§JrMu[(r?Avoid/oW,|t'|)] ^ 

M§Jr(«) U [(r?Avoid/oK), l^'l)] = MSJr(ti) 

(2) fv(^)nr/0fc fv{v')r\r^lll -. We have §NSJr(to) = SNSJr(w) = SNSJr(ii)- 
Also Tr(to) = Tr{u)[./v] and Tr(ti) = Tr{u)Uv'], thus Tr(to) ^^oid/o ^r(ti). 

(3) f v(^) n r 7^ fc fv{v') n r = : We have that Tr(to) G SMx^oid/o imphes v G 
'^A^Avoid/o, so that v' G SJ\f xvoid/o and §NSJr(ti). 

Then Tr(to) = Tr{u)[./v] ^^ Tr(n) = Tr(ti). 

— All the other cases are straightforward. □ 

Theorem 5.13 (VIE for Avoid/o). Let t e % s.t. T0(t) G SMx^oid/o and SN§j0(t), then 

t G cSA/" Avoid/o- 

Proof. We proceed by induction on the measure m{t) = (??Avoid/o(1'0(^))j M§Jl0(t)). To show 
t G ^A/" Avoid/o it is sufficient to show t' G SM Xvoid/o foi" every Avoid/o-reduct of t. Take any 
of such reducts t' . Then Lemmas l5.10l and l5. 121 guarantee T0(t') G SAfx^oid/o and §NSj0(t'). 
Moreover, =o preserves m(t) and —> Avoid/o strictly decreases Tn{t). We thus apply the i.h. 
to conclude. □ 

The following is a consequence of the previous theorem: let t,u,U„ G A-terms and 
s = t[_/u]vli_. If T0(s) = tvl^ G SAfxmid and §NSj0(s) holds, i.e. u G SAfxvoid, then 
s = t[_/u]vn G ^TV^Avoid- Hence: 

Corollary 5.14 (IE for Avoid/o). The Xvo±d/o- calculus enjoys the IE property. 

Corollary 5.15 (PSN for Avoid/o). The Xvoid/o -calculus enjoys PSN, i.e. iftGTxf^ 
SNp, then t G SM x,roid/o- 
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Proof. By Theorem 13.11 it is sufficient to show FO, Fl and F2. The first two properties 
are straightforward. To show F2 assume v € 5A/'Avoid and u{x/v}t^ € 57VAvoid) both are 
A-terms. Then in particular u,v,t^ G '?A/' Avoid- We show that t = {Xx.u)vt^ G ^A/" Avoid 
by induction on r?Avoid(^) + ??Avoid(^^) + ^i ^Avoid(ij)- For that, it is sufficient to show that 
every Avoid-reduct of t is in ^SA/" Avoid- If the Avoid-reduct of t is internal we conclude 
by the i.h. If t — >/3 u{x/v}t^ = t' with x G fv(n), then t' G ^SA/" Avoid by hypothesis. If 
t — >dB u[-/v^^ = t', then t' G cSA/" Avoid by the IE property (Corollary I5.14p . There is no 
other possible Avoid-reduct of t which is a A-term and has no jumps. □ 

5.3. Projecting Aj/obox into Avoid/o. In order to relate the Aj/obox and the Avoid/o 
calculi we define a projection function from A j -terms to Avoid-terms: 



X 

Ax.wj(t) 
wj (i)wj (u) 

^j (*){^/^J (^)} if a^ G f ■^(*) 



wj(xj 
wj(A3;.t) 
wj (tu) 

wj(t[x/n]) .- ^ „j(i)[_/^j(„)] if3;^fv(i) 

Notice that fv(t) = fv(wj(t)). Also, wj(i) = t if t G 7a. 
We now state some basic static properties of w j . 

Lemma 5.16. Let t,u (^T- Then, wj{t{x/u}) = wj(i){x/wj(u)}. 

Proof. By induction on t. □ 

Lemma 5.17 (Projection). Let t^ G T . Then, 

(1) to ^dB ti implies wj(to) ^^,dB t^J(*i)- 

(2) to ^w,d,c ti implies wj(to) ^^.u/o wj(ii)- 

(3) to =0 ti implies wj(to) =o wj(ti). 

(4) to =boxi,box2 ii implies wj(to) = wj(ti). 

Proo/. 

• Base cases: 

— to = (Ax.t)L u ^►dB t[x/u]L = ti. 

Let M = [-/wj(i;j)]^ (resp. p) be the sequence of jumps (resp. the meta-level substitu- 
tion) resulting from the projection of tg, i.e. wj(to) = (Ax.wj(t))M p wj(u). 
If X G fv(t), then: 

wj(io) = (Ax.wj(t)p)[_/wj(7;i)/9]^wj(n) -^^ 
wj(i)Ma;/wj(n)}[_/wj(z;i)p]^ = 
wj (t){rc/wj (u)}p[_/wj {vi)p]i, = wj (ti) 

If x ^ fv(t), then: 

wj(io) = (Aa;.wj(t)p)[_/wj(t>i)p]^wj(u) ^jb 
wj(t)p[_/wj(u)][_/wj(t;i)/)]^ 

wj(i)[-/wjM][-/wj(^^^)p]il^/^ = Wj(ti) 

— to = t[x/u] — 7>„ t = ti where |t|a; = 0. Then wj(t[x/M]) = wj(t)[_/wj(u)] ^h wj(t). 

— to = t[2;/u] ^d t{x/n} = ti where |t|a; = 1. Then wj {t[x/u\) = wj (t){x/wj {u)} =^g^ [536] 
wj(t{x/u}). 
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— to = t[x/u] —^c t[y]x[x/u][y/u] = ti where \t\x > 2. Then wj(t[a;/'u]) = wj(t){a;/wj(n)} = 

— io = t[x/u][y/v] =cs t[y/v][x/u] = ti where y ^ fv(ii) x ^ fv{v). There are two cases: 
If a; G fv(i) or y G fv(i), then we obtain wj(to) = wj(ti). 

If X ^ fv(t) and y ^ fv(i), then 

wj(io) = wj(t)[_/wj(n)][_/wj(t;)] =cs wj(f)[_/wj(7;)][_/wj(n)] = wj(ti) 

— to = {Xy.t)[x/u] =ai \y.t[x/u] = ti where y ^ fv{u). There are two cases: 

If X € fv(Ay.t), then wj(to) = (Ay.wj(t)){a;/wj(ii)} = Ay.wj(i){x/wj(u)} = wj(ti). 
If X ^ fv(Ay.t), then wj(to) = (A2/.wj(t))[_/wj('u)] eee^ Ay.wj(t)[_/wj('u)] = wj(ti). 

— to = (it')[x/n] =0-2 t[x/u]v = ti where x ^ fv(u). 
There are two cases: 

If a; G fv(i), then wj(io) = (wj(t)wj(f)){x/wj(u)} = wj(t){x/wj(n)}wj(i;) = wj(ti). 
If X ^ fv(i), then wj(to) = (wj(t)wj(?;))[_/wj(u)] =a wj(t)[_/wj(tx)]wj(t)) = wj(ti). 

— to =boxi,box2 h- Then triviahy wj(to) = wj(ti). 
The inductive cases: 

— to = u[x/v] — >■ (resp. =) u'[x/v] = ti, where u — > (resp. =) n'. If x € fv(n) &: x G 
fv(ti') or X ^ fv(ti) &: X ^ fv(n') then the property is straightforward by the i.h. So 
let us suppose x € fv(n) & x ^ fv(u') (so that the reduction step is necessarily a 



w-step). We have wj(n) 



'h,u/o 



(i./i.) wj(n'). But X G fv(u) &; X ^ fv(u') implies 



X G fv(wj(u)) &: X ^ fv(wj(u')) so that in particular we have wj(n) ^fju/o ^J (""')■ 

Then wj(to) = wj('u){x/wj(t;)} ^-^^^/^ i^j(^')[-/wj(^)] = wj(ti) holds by Corollary [5Jl 

- All the other cases are straightforward. □ 

Here are some interesting examples: 



t' 



wj(t) 



wj(t') 



f[y/x][x/u] 
f[y/xz][x/u\[z/v] 
f[y/xx][x/u\ 
{f[w/f[y/xz]]g){x/u][z/v] 



f[x/u] 
f[x/u][z/v] 
f[x/u] 
{f[w/f]g)[x/u][z/v] 



f[-M 
f[-/uv] 
f[-/uu] 
{fUfUuvM 



^h 



— ^h,u 



f[-H 

f[-M[-/v] 

f[-M 

if[-/f]9)[-M 



-M 



The previous property allows us to conclude with one of the main results of this paper. 

Theorem 5.18 (PSN for Aj/obox). The Xj / ohox-calculus enjoys PSN, i.e. ift G TxHSAf/B, 
then t G SMxj/ohox- 

Proof. We apply Theorem 11.31 where A = Avoid, Ai = {w, d, c}, A2 = {dB}, E is =obox, 
F is =0 and t TZ wj(t). Property (PO) holds by Lemma 15.17131 111 Property (PI) holds 
by Lemma 15.17121 Property (P2) holds by Lemma 15.17111 and Property (P3) holds by 
Corollary 14.71 Now, take t G 7a PI SMp so that Corollarv 15.151 gives t G SM\^a±d/o- Since 
wj(t) = t, then t G 5A/'Aj/obox by application of the Theorem. D 



6. Consequences of the main result 

In this section we show how the strong result obtained in Section 
PSN for different variants of the Aj/obox-calculus. 



can be used to prove 
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6.1. Adding {u} to Aj/obox. We show that the reduction relation u of Avoid/o can be 
added to A j /obox without breaking PSN. The main point of this extension is to show that it 
is safe to consider unboxing (for void jumps) together with the box equations (for non-void 
jumps). For that, we first extend the rule u to act on the whole set T and not only on 7^ 
(but they still concern void substitutions only). Boxed contexts are extended to non-void 
jumps as expected, namely: 

B ::= tC I t[x/C] \ Bt \ B{x/t\ \ Xy.B 

Then the rule is given by: 

i?|i[x/ti]] i-7>u -B[t][x/n], where B does not bind u Sz x ^ f'^(*) 

Indeed, the wj function maps u-reduction steps of {Aj,u}/obox into {h, u}-reduction steps 
of Avoid/o, as the next lemma shows. 

Lemma 6.1 (Extended Projection). Let to € T. Then, to — )■„ ti implies wj(io) ~^hu/o 
wj(ti). 

Proof. By induction on the reduction relations. 

• to = Blt[x/u]l -^u Blt}[x/u\ = ti where B does not bind u and x ^ fv(t). We show a 
stronger property, namely: 

If to = C'[*[2;/'m]1 -^ Clt}[x/u] = ti where C does not bind u and x ^ fv(t), then 
wj(*o) ^"hu/o ^J(*i)- Then the property we want show is just a particular case of the 
stronger property. By a-conversion we assume w.l.g. that x is not even free in C|i]. 
We reason by induction on C. 

— to = |t[x/n]] — >u |t][x/ti] = ti. Then to = h so that wj(to) = wj(ti). 

— to = C"|t[x/u]]f ^u (C"|t]'y)[x/n] = ti. Then we conclude by using the i.h. and the 
equivalence =0^2- 

— to = vC'lt[x/u]l ^-u (fC"|i])[2;/u] = ti. Then we conclude by using the i.h. and the 
reduction -^^. 

— to = Xy.C'lt[x/u]j ^u {Xy.C'ltJ)[x/u] = ti. Then we conclude by using the i.h. and 
the equivalence =ai- 

— to = v[y/C'lt[x/u]j] —^-a v[y/C'ltj][x/u] = ti. We reason by cases. 
If y ^ i'v{v), then: 

wj(to) = ^3{v[y/C'lt[x/uW 

^2{v)[-M{C'lt[x/u]j)] ^:^/A^.h.) 

wj(^)[_/wj(C'W)[_/wj(«)]] ^, 

wj(7;)[_/wj(C7'Itl)][_/wj(n)] =wj(ti) 

If y G i'v{v), then: 

wj(to) = ^j{v[y/C'lt[x/u]}]) 

wj iv){yM {C'it[x/u]m ^l ^/^ {i.h. & Lem. EM 

wj(^;){y/wj(C'Itl)[_/wj(n)]} ^*;/„ (Lem.m 

wj(^){y/wj(C7'[t])}[_/wj(t.)] = 

^jiv[y/c'ltj])[.M{u)] =wj(ti) 

— to = C'lt[x/u]j[y/v] -^^ C'ltj[y/v][x/u] = ti. Note that y ^ fv{u), otherwise the rule 
cannot be applied. We reason by cases. 
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Ify^fv(C'[tl),then: 

wj(to) = ^]{C'{t[x/u]}[y/v]) 



^2{C'ltj)[-Min)]{-M{v)] 



=cs 



wj(C"[tl)[_/wj(^)][_/wj(n)] =wj(ti) 
If2/efv(C"[t]), then: 

wj(to) = ^3{c'lt[xM}[yM) 

^jiC'lt[x/u]}){yMiv)} ^L/o(^-^-) 

wj(C'[tl)[_/wj(n)]{y/wj(t;)} = 
wj(C'M){y/wj(t-)}[_/wj(n)] =wj(ti) 

• The inductive cases for the abstraction, the apphcation and reduction inside substitution 
are straightforward. 

• to = uqIh/ui] —7- UQ[y/ui] = ti, where uq -^^ u'q (resp. uq — )■„ Uq). Since u preserves free 
variables, then y G fv(«o) & y S fv(uQ) or y ^ fv(tio) & y ^ f'^(^o) so that the property- 
is straightforward by the i.h. □ 

Theorem 6.2. The {X2,'a.}/o'hox- calculus enjoys PSN, i.e. t G Tx O SNp, then t € 

'5A/'|Aj,u}/obox- 

Proof. We apply Theorem 11.31 where A = Avoid, Ai = {w, d, c,u}, ^2 = 
setdB, E is =obox) F is =0 and t TZ^j (t). Property (PO) holds by Lemma r5.17l3l Hl Property 
(PI) holds by Lemmas 15.17121 and 16.11 Property (P2) holds by Lemmas 15.17111 To show 
Property (P3) we proceed as follows. First of all notice that u/obox is trivially terminating, 
then show that .Ai/obox is terminating by showing that t — )-^i/obox t' implies (jm(f), t) >iex 
(jm(t'), t'), where the first component of the pair is compared with respect to the multiset 
order, the second with respect to the terminating relation — J-u/obox) and the stability of jni(_) 
by =obox5 which is given by Lemma [4.6121 Now, take t € 7a n SAfjs so that Corollarv 15.151 
gives t G <SAfxvoid/o- Since wj(i) = t, then t G SM^x^ u}/obox by application of the Theorem. 

D 



6.2. Orienting the axioms of obox. Another interesting result concerns a more tradi- 
tional form of explicit substitutions calculus, called here the inner structural A-calculus, 
and noted Ajin, whose rules appear in Figure El 

Let — >in/cs be the context closure of the rules 1— >-in/csi 234 modulo =cs. 

Lemma 6.3. The reduction relation ^-in/cs ^s strongly normalising. 

Proof. Define M{t) to be the sum of all the sizes of the subterms of t directly affected by 
jumps. It is easily seen that such a measure strictly decreases by one-step rewriting and is 
invariant by =cs. Q 

Corollary 6.4. The inner structural X-calculus Ajin enjoys PSN. 

Proof. By application of Theorem 11.31 where the required properties of the projection of 
Ajin into A j /obox are guaranteed by Lemmas 15.171 and 16.31 □ 
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(Ax.t)L u 


l-^'dB 


t[x/u\L 




t[x/u] 


^w 


t 


if |tu = 


t[x/u] 


^d 


t{x/u} 


if \t\^ = 1 


t[x/u] 


^c 


t[y]Jx/u][y/u] 


if |tu > 1 


iXy.t)[x/u] 


'-^'in/CSi 


Xy.{t[x/u]) 




(tv) [x/u] 


'^in/CSa 


t[x/u]v 


if X ^ iv{v) 


{tv)[x/u] 


'^in/CS3 


tv[x/u] 


if X ^ fv(t) k X £ fv(u 


t[y/v][x/u] 


'-^'iii/CS4 


t[y/v[x/u]] 


if X ^ fv(t) & X G fv(i; 



t[x/u][y/v] r^cs t[y/v][x/u] \i x ^ fv{v) k y ^ fv{s) 

Figure 7: The inner structural A-calculus Ajin 
{Xx.t)u — s-B t[x/u] 

x[x/u\ — S-d' u 

t[x/u\ — >„ t if X ^ f v(t) 

(iu)[x/ii] — )-@r tf[x/ii] if X ^ i'^i't) and x G fv(i;) 

{tv)[x/u\ — )-@j t[x/M]u if X G fv(t) and x ^ fv(u) 

(iu)[x/ii] — )-@ t[x/M]u[x/u] if X G fv(t) and x G fv(u) 

(Ay.t)[x/n] -^A Xy.t[x/u] 

t[x/u][y/v] -^compi t[x/n[y/i;]] if y ^ fv(t) and y G f v(ii) 

t[x/u\[y/v] ->comp2 *[y/^]k/^ib/w]] if y G f v(t) and y G f ¥(■«) 

t[x/n][y/t;] ~cs t[y/v][x/u] if y ^ fv(n) and x ^ fv(f) 

(and X 7^ y) 

Figure 8: The Aes-calculus 

The inner structural A-calculus can be seen as a refinement of Kesner's Aes [20j . an explicit 
substitution calculus related to Proof-Nets, whose rules are in Figure El 

Indeed, only rules {@, coinp2} are not particular cases of rules of Ajin, but they can be 
decomposed by using duplication followed by propagations as follows: 

{tv)[x/u\ — >-@ t[x/u]v[x/u\ 

{tv{x/y})[x/u][y/u] ^m/csa it[x/u]v{x/y})[y/u] =a {t[x/u]v)[x/u] 
It is then straightforward to simulate Aes inside Ajin, so we get: 
Corollary 6.5. The Xes-calculus enjoys PSN. 



The second author shows in [21] that from PSN of Aes one can infer PSN of a wide 
range of calculi. Ax, Kesner's Aes and Aesw [20], Milner's calculus Asub [33], David's and 
Guillaume's A„s [2], the calculus with director strings of [H]. Hence PSN for Aj/obox 
encompasses most results of PSN in the literature of explicit substitutions. 
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(Ax.t)L u 

t[x/u\ 
t[x/u] 
t[x/u] 


l-^'dB 
^d 


t[x/u]L 

t 

t{x/u\ 

t[yu\-xlu][y/u] 


if |tu = 
if |tu = 1 

if |t|^ > 1 


Xy.it[x/u]) 
t[x/u]v 
tv[x/u] 
t[y/v[x/u]] 


'~^0Ut2 
'~^0Ut4 


{\y.t)[x/u] 
{tv)[x/v\ 
{tv)[x/u] 
t[y/v][x/u] 


if y ^ f v( 


t[x/u][y/v] 


~CS 


t[y/v][x/u] 


if X ^ f VI 



Figure 9: The outer structural A-calculus Ajout 

The interesting feature of Ajin with respect to Aes is that the propagation subsystem 
— T-iji/cs is not needed in order to compute a normal form. Propagations are rather (lin- 
ear) re-arrangements of term constructors which may be used as the basis of some term 
transformations used for compilation or optimisation. 

The strength of a splitting of the whole calculus into a core and propagation system 
lies in the fact that the latter can be changed without affecting the former. In particular, 
it is possible to orient the axioms {(Ti,<T2,boxi,box2} in the opposite direction by getting 
the outer structural A-calculus A j out , whose rules are in Figure [H 

Observe that in contrast to the inner calculus the outer box rules act also on void 
jumps, i.e. they are not just an orientation of the box equations, but an extension too. 
This is possible because — as showed earlier (Theorem 16. 2p — extending A j /obox with 
unboxing for void jumps is safe (while we do not know whether it is safe to extend A j /obox 
with boxing for void jumps). Let ^out/cs be the derived context closure of the outer rules 
'-^outi,2,3,4 modulo EEcs. 

Lemma 6.6. The reduction relation — T-out/cs ^-^ strongly normalising. 

Corollary 6.7. The outer structural X-calculus Ajout enjoys PSN. 

Proof. By application of Theorem 11.31 where the required properties of the projection of 
Ajout into A j /obox are guaranteed by Lemmas 15.171 and 16.61 D 

In fact, it is easily seen that no matter how the axioms {cii, cr2,boxi,box2} are oriented 
that they get a terminating rewriting system. As for Ajin and Ajout, PSN can also be 
proved for the remaining 14 derived calculi, even if it is not clear to what extent they would 
be interesting. 

6.3. Adding equations to A-terms. We briefly present here the results of [4], which 
extends and complement those of this paper. As discussed in Section 14.11 the equations 
=CTj and =0-2 can be seen as a jump reformulation of Regnier's cj-equivalence on A-terms 
after the elimination of dB-redexes. It is also possible to apply the dB-rule in the other sense 
(i.e. as a dB-expansion) to the equations {~boxi, ~box2} in order to obtain other equations 
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on A-terms. If x ^ f'v(i) and x G fv(u), the equation ~boxi can be dB-expanded to the new 
equation box: 

[tv) [x/u] ~boxi tV [x/u] 



tdB tdB 

{\x.tv)u -5^ t {{\x.v)u) 

Axiom box is a more general instance of the rule called assoc [34^ [301 IB] (which usually is 
not taken modulo but oriented from right to left). The axiom ~box2 dB-expands to a special 
case of ~g^, and thus it is subsumed by it. Indeed: 

t [y/v] [x/u] ~box2 t [y/v[x/u]] 

tdB tdB 

( {Xy.t)v ) [x/u] ~boxi (Ay.t)t' [x/u] 

tdB tdB 

^x.{{\y.t)v))u ~g^ {\y 4iLi.^x.v)^I^ 

Last, one can turn the unboxing rule into its A-calculus form, getting: 
t{{\x.v)u) i->u {\x.tv)u if x ^ f v(t) &: X S iv{v) 

Let =n be defined as the smallest equivalence relation containing =r^ ^ g^i and =obox- In 
[1] we show that the {Aj,u,u}/n-calculus in Figure [10] enjoys PSN. The proof is obtained 
via a simple function which eliminates dB-redexes, and that project this calculus over the 
{Aj , u}/obox-calculus, whose PSN is given by Theorem l6.2[ The main result of [1], however, 
is that the the {Aj,u, uj/II-calculus is also Church-Rosser modulo the whole equational 
theory. This is proved via M-developments, a new notion of development taking advantage 
of jumps. Actually, in [1] we use a macro-steps substitution rule t[x/u] ^-sub t{x/u} instead 
of our subsystem — )>j : we do so because the fine granularity of — 7>j plays no role in the proof 
of these properties, their refinement to — )-j is straightforward. 

Let us call permutative A-calculus (see Figure [TTI) the set of A-terms plus the opera- 
tional semantics given by {/3,ii}/P, where =p is the smallest equivalence relation containin 
(Ji, (T2, box. Such a calculus can be (strictly) simulated into the {A j,u, uj/II-calculus and 
thus it enjoys PSN. This result generalises all known results in the literature about PSN 
for A-calculus extended with permutative conversion [8tl39[[30]. In [4] we also prove that it 
is Church-Rosser modulo =p. 

7. Conclusions 

We have introduced the structural A j -calculus, a concise but expressive A-calculus with 
jumps admitting graphical interpretations by means of A j -dags and Pure Proof-Nets. Even 
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Figure 10: The structural A-calculus modulo 
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Figure 11: The permutative A-calculus 

if Aj has strong linear logic background, the calculus can be understood as a particular 
reduction system, based on the notion of multiplicity and reduction at a distance, and 
being independent from any logic or type system. We established different properties for Aj 
such as confluence and PSN. Moreover, full composition holds without any need of structural 
composition nor commutation of jumps. The Aj-calculus admits a graphical operational 
equivalence =o allowing to commute jumps with linear constructs. The relation =o can be 
naturally understood as Regnier's u-equivalence on A-terms and turns out to be a strong 
bisimulation. Moreover, =o can be further extended to the substitution equivalence =obox 
allowing to commute also jumps and non-linear constructs. The resulting calculus enjoys 
PSN, a non-trivial result from which one derives several known PSN results. 

PSN of Aj modulo =obox is shown by means of an auxiliary calculus Avoid/o which can 
be understood as a memory calculus specified by means of void substitutions. A memory 
calculus due to Klop [27] is often used for termination arguments. Its syntax is usually 
presented as follows: 

t, u ::= X I Ax.t I tu I [t, u\ 



42 B. ACCATTOLI AND D. KESNER 



where x G f v(i) for every term Xx.t and the memory construct [t, u] is used to cohect in u 
the arguments of the erasing /?-redexes. The rule associated to this calculus are: 

{Xx.t)u \-^j3 t{x/u} 

[t,v]u l-)-,r [tU,v] 

If one interprets [t, v] as t[-/v] then Klop's calculus can be mapped into Avoid/o: /3 maps to 
/3 and vr becomes the reduction rule t[_/v]u — >• (tu)[_/f], which is subsumed by the equation 
=0-2 of Avoid/o. Indeed, Avoid/o is more expressive than Klop's calculus. We claim that 
Avoid/o is interesting on its own and can be used for proving termination results beyond 
those of this paper. 

We do not know whether Aj/obox extended with unrestricted boxing, in contrast to 
Aj/obox extended with unrestricted unboxing presented in Section l6.ll enjoys PSN. The 
point is delicate, indeed from the literature ([32j) we know that unrestricted boxing together 
with the following traditional explicit substitution rule (without side condition on x): 

{tv)[x/u] — J-® t[x/u]v[x/u] 

break PSN. Now, the rule — t-® cannot be simulated in Aj/obox, so it would be interesting 
to understand if A j /obox plus unrestricted boxing enjoys PSN. 

An interesting research direction would be to formalise the link between A j , linear logic 
and abstract machines. Indeed, in contrast to explicit substitution calculi, Aj naturally 
expresses the notion of linear head reduction [7], which relates in a simpler way to Krivine's 
Abstract Machine [29] . This is because linear head reduction performs the minimal amount 
of substitutions necessary to find which occurrences of variables will stand in head positions. 
While this is not a reduction strategy in the usual sense of A-calculus, it can be seen as 
a clever way to implement /3-reduction by means of proof-nets technology, which can be 
reformulated in the A j -calculus as a strategy. 

The structural A-calculus has been used in [3] to specify XL-developments, a terminating 
notion of reduction generalising those of development [T7] and super development [28]. It 
would be interesting to better understand XL-developments. 

It would also be interesting to exploit distance and multiplicities in other frameworks 
dealing for example with pattern matching, continuations or differential features. A direc- 
tion which seems particularly challenging is standardization for A j . It would be interesting 
in particular to obtain a notion of standard reduction which is stable by =o-equivalence 
(or at least =cs) so that the result would pass to A j -dags). Indeed, classical notions as 
leftmost-outermost reduction do not easily generalise to Aj modulo =0, where jumps can 
be swapped and permuted with linear constructors. 
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